Stricter configuration parsing. See #66 and #429.

2025-09-29 19:24:29 +03:00 · 2007-12-14 22:45:01 +00:00
parent cd51a10046
commit 476684e6ec
2 changed files with 23 additions and 9 deletions
--- a/doc/modsecurity2-apache-reference.xml
+++ b/doc/modsecurity2-apache-reference.xml
@@ -1090,7 +1090,9 @@ SecAuditLogStorageDir logs/audit
      <para><emphasis>Dependencies/Notes:</emphasis> Rules following a
      SecDefaultAction directive will inherit this setting unless a specific
      action is specified for an indivdual rule or until another
-      SecDefaultAction is specified.</para>
+      SecDefaultAction is specified.  Take special note that in the logging
+      disruptive actions are not allowed, but this can inadvertantly be
+      inherited using a disruptive action in SecDefaultAction.</para>

      <para>The default value is:</para>

@@ -2090,7 +2092,9 @@ SecRule REQUEST_HEADERS:Host "!^$" "deny,<emphasis>phase:1</emphasis>"</programl
      This phase can be used to inspect the error messages logged by Apache.
      You can not deny/block connections in this phase as it is too late. This
      phase also allows for inspection of other response headers that weren't
-      available during phase:3 or phase:4.</para>
+      available during phase:3 or phase:4.  Note that you must be careful
+      not to inherit a disruptive action into a rule in this phase as this
+      is a configuration error in ModSecurity 2.5.0 and later versions.</para>
    </section>
  </section>