Cleanup building actionsets and use minimal default. See #445.

Fully resolve all rules before logging.
2025-09-30 03:34:29 +03:00 · 2008-01-25 04:52:49 +00:00
parent 946a350043
commit 52ccced72b
4 changed files with 19 additions and 7 deletions
--- a/doc/modsecurity2-apache-reference.xml
+++ b/doc/modsecurity2-apache-reference.xml
@@ -1118,9 +1118,9 @@ SecAuditLogStorageDir logs/audit
      disruptive actions are not allowed, but this can inadvertently be
      inherited using a disruptive action in SecDefaultAction.</para>

-      <para>The default value is:</para>
+      <para>The default value is minimal (differing from previous versions):</para>

-      <programlisting format="linespecific">SecDefaultAction log,auditlog,deny,status:403,phase:2,t:none</programlisting>
+      <programlisting format="linespecific">SecDefaultAction phase:2,log,pass</programlisting>

      <para><emphasis>Note</emphasis></para>

@@ -5721,4 +5721,4 @@ Server: Apache/2.x.x
      </section>
    </section>
  </section>
-</article>
+</article>