Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
litespeed_wiki:config:mod_security-compatibility [2016/02/19 14:04] George Wang |
litespeed_wiki:config:mod_security-compatibility [2017/07/25 13:32] (current) Eric Leu [Supported Features List (Not Comprehensive)] |
||
---|---|---|---|
Line 10: | Line 10: | ||
* Scan request header/body. | * Scan request header/body. | ||
* Scan response header. | * Scan response header. | ||
+ | * Audit logging | ||
+ | * LSWS currently only supports the serial mode for audit logging. Since LiteSpeed is event driven, not like Apache that can have multiple processes and could change UID. | ||
===== Not Yet Support Features ===== | ===== Not Yet Support Features ===== | ||
Line 17: | Line 19: | ||
* Parsing XML. | * Parsing XML. | ||
+ | ===== Not Yet Support syntax ===== | ||
+ | * SecRemoteRules | ||
===== Reasons/Concerns not support them ===== | ===== Reasons/Concerns not support them ===== | ||
* The feature is not often used. | * The feature is not often used. | ||
* The feature may slow down LiteSpeed considerably due to our single-thread event driven architecture. | * The feature may slow down LiteSpeed considerably due to our single-thread event driven architecture. | ||
- | * Static file rules are skipped as they are unlikely to cause any real security issues. | + | * Requests to static files bypass mod_security scanning as they are unlikely to cause any real security issues. |