Hello! I just enabled mod_security and deployed the default config. And now I'm... 
I have a few questions that I couldn't find the answers too. Not sure if this is asking too much, but can't hurt to ask
Does mod security display all blocks/access denied/not acceptable actions in the logs? Or do some actions such as 'Not acceptable' occur without your knowledge or making a record?
Also how do I block certain strings in a URL. For example I would like to block INSERTIMPMACROHERE - something automatically adds this to the end of URLs, how would I block all request with this in the URL?
In my htaccess to block a get attack I have the rule below, but it doesn't work globally because I have many htaccess files. So I'd like to add it to mod_security.
RewriteCond %{THE_REQUEST} \?13(\d+){11}\ [NC]
RewriteRule .* - [F]
How would I add that?
Lastly, how do I block all refers from a certain URL? So if someone/bot comes from baddomain.com, I can stop whatever they want to do/
That does sound like a lot to ask! So if anyone can just point me in the right direction maybe that would be a great help too!
Thanks!
I have a few questions that I couldn't find the answers too. Not sure if this is asking too much, but can't hurt to ask
Does mod security display all blocks/access denied/not acceptable actions in the logs? Or do some actions such as 'Not acceptable' occur without your knowledge or making a record?
Also how do I block certain strings in a URL. For example I would like to block INSERTIMPMACROHERE - something automatically adds this to the end of URLs, how would I block all request with this in the URL?
In my htaccess to block a get attack I have the rule below, but it doesn't work globally because I have many htaccess files. So I'd like to add it to mod_security.
RewriteCond %{THE_REQUEST} \?13(\d+){11}\ [NC]
RewriteRule .* - [F]
How would I add that?
Lastly, how do I block all refers from a certain URL? So if someone/bot comes from baddomain.com, I can stop whatever they want to do/
That does sound like a lot to ask! So if anyone can just point me in the right direction maybe that would be a great help too!
Thanks!