How do you convert Modsec 2.5 rules to work with Litespeed?

[Guermo]

The examples I see in the demo do not look comparable to that of the rules I am using with Apache Modsec 2.5.7. I am using LSWS 4.0.
For example:
# Do not accept GET or HEAD requests with bodies
SecRule REQUEST_METHOD "^(GET|HEAD)$" "chain,deny,log,auditlog,msg:'GET or HEAD requests with bodies', severity:'2',id:'960011'"
SecRule REQUEST_HEADERS:Content-Length "!^0?$"

The rules I see in the demo begin with Secfilterselective and have a different format. How do I change the above example to be in the LSWS format?

 

[mistwang]

4.0 can take modsec 2.x configuration "SecRule" in addition to modsec 1.9 rules.

 

[Guermo]

Thanks Mistwang. But I am still unsure on the default action setting. Since this is separate from the rule itself in the way LSWS supports mod sec, would I remove this portion from the rule in the example below: chain,deny,log,auditlog,msg


# Do not accept GET or HEAD requests with bodies
SecRule REQUEST_METHOD "^(GET|HEAD)$" "chain,deny,log,auditlog,msg:'GET or HEAD requests with bodies', severity:'2',id:'960011'"
SecRule REQUEST_HEADERS:Content-Length "!^0?$"