- Mod Security log
- The command below shows that ModSecurity is disabled:
# /usr/local/psa/admin/bin/modsecurity_ctl -s
ModSecurity is not enabled on the server.
- Log in the server via SSH.
Note: if direct SSH access to the server is not possible, contact server administrator for further assistance.
To enable Mod Security use the following command:
# /usr/local/psa/admin/bin/modsecurity_ctl -e
After that operation,
/var/log/modsec_audit.logwill be created in the following directory:
# ls -la /var/log/modsec_audit.log
-rw-r—– 1 root root 865608 Jun 29 09:37 /var/log/modsec_audit.log
Note: if ModSecurity is enabled and
/var/log/modsec_audit.log is empty, it means that no attack/threads are detected.
ModSecurity is set to Detection only and it writes to Apache logs.