Re: Supressing Warning (chained rule)" in the log ?

Ivan Ristic wrote:
> Steffen wrote:
> 
>> Searched in the docu, but could not find an answer.
>>
>> It it possible not to log in the Apache error.log the "Warning
>> (chained rule)" entries?
>>
>> eg.:
>>
>> [Thu Oct 20 10:09:16 2005] [error] [client 63.196.49.252]
>> mod_security: Warning (chained rule). Pattern match "!^(GET|HEAD)$" at
>> REQUEST_METHOD [hostname "www.apachelounge.com"] [uri "/mail/web.cgi"]
> 
>  You should be able to add "nolog" to the rule to supress it.

   But this approach has some unexpected side-effects. If a rule
   after the one with "nolog" triggers the request will not be
   recorded in the audit log. Although further attempts can be
   made (with "auditlog") to restore this functionality, I have
   decided to simply move the above warning to level 3 (from
   level 1). This works as of 1.9RC4.

   I don't expect any more RC releases so maybe you should not
   upgrade to 1.9RC4. 1.9 stable will be released over the weekend.

--

-- 
Ivan Ristic
Apache Security (O'Reilly) - http://www.apachesecurity.net
Open source web application firewall - http://www.modsecurity.org