Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

mod_security logs

Discussion in 'Security' started by ffeingol, Jul 14, 2008.

  1. ffeingol

    ffeingol Well-Known Member
    PartnerNOC

    Joined:
    Nov 9, 2001
    Messages:
    215
    Likes Received:
    1
    Trophy Points:
    318
    cPanel Access Level:
    DataCenter Provider
    We have mod_security installed via cpanel. We have the default settings in modsec2.conf and a ton of custom rules added via WHM that go into modsec2.user.conf. The weird part is that the mod_security audit are going into the Apache error_log not modsec_audit.log

    Here is the directive from modsec2.conf:

    SecAuditLog logs/modsec_audit.log

    I've grep'ed through all the Apache config files and there is nothing overriding that rule. Anyone seen an issue like this before?

    TIA
     
  2. lntu2000

    lntu2000 Registered

    Joined:
    Mar 7, 2008
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    51
    EDit:

    SecAuditLog /var/logs/mocsec_audit.log

    Then restart httpd: service httpd restart
     
  3. ffeingol

    ffeingol Well-Known Member
    PartnerNOC

    Joined:
    Nov 9, 2001
    Messages:
    215
    Likes Received:
    1
    Trophy Points:
    318
    cPanel Access Level:
    DataCenter Provider
    We don't want them in /var/log/ We want them in the Apache log's dir like the rest of the logs. With the directive (as we have it) an empty modsec_audit.log is getting created but the messages are still logged to error_log not modsec_audit.log.

    Frank
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice