Am 24.11.2016 um 16:59 schrieb Christian Folini:
The interesting bit, the H part is empty. That is very odd. What is your SecAuditLogParts setting? Maybe you remove it for a test so it reverts to the default which should bring you the H audit log part. Ahoj, Christian
SecAuditLogParts ABIJDEFHZ What I changed in crs-setup.conf was: SecDefaultAction "phase:1,log,auditlog,deny,status:403" SecDefaultAction "phase:2,log,auditlog,deny,status:403" ... instead of the default. Thanks, Michael _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set