From e17f5304b0a00a7a8eb1fddb03b8207a4ba5c1bc Mon Sep 17 00:00:00 2001 From: studersi Date: Tue, 8 May 2018 15:15:04 +0200 Subject: [PATCH] Change id of rule to prevent collision. --- tutorial-6/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tutorial-6/README.md b/tutorial-6/README.md index 7a610b1..6469fc0 100644 --- a/tutorial-6/README.md +++ b/tutorial-6/README.md @@ -662,7 +662,7 @@ It works from top to bottom and it seems the behaviour is just what we expected. Before coming to the end of this tutorial here’s one more tip that often proves useful in practice: _ModSecurity_ is not just a _Web Application Firewall_. It is also a very precise debugging tool. The entire traffic between client and server can be logged. This is done as follows: ```bash -SecRule REMOTE_ADDR "@streq 127.0.0.1" "id:11000,phase:1,pass,log,auditlog,\ +SecRule REMOTE_ADDR "@streq 127.0.0.1" "id:10100,phase:1,pass,log,auditlog,\ msg:'Initializing full traffic log'" ``` We then find the traffic for the client 127.0.0.1 specified in the rule in the audit log.