Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
litespeed_wiki:config:mod_security-compatibility [2016/02/19 14:04] George Wang |
litespeed_wiki:config:mod_security-compatibility [2017/07/25 13:32] (current) Eric Leu [Supported Features List (Not Comprehensive)] |
||
|---|---|---|---|
| Line 10: | Line 10: | ||
| * Scan request header/body. | * Scan request header/body. | ||
| * Scan response header. | * Scan response header. | ||
| + | * Audit logging | ||
| + | * LSWS currently only supports the serial mode for audit logging. Since LiteSpeed is event driven, not like Apache that can have multiple processes and could change UID. | ||
| ===== Not Yet Support Features ===== | ===== Not Yet Support Features ===== | ||
| Line 17: | Line 19: | ||
| * Parsing XML. | * Parsing XML. | ||
| + | ===== Not Yet Support syntax ===== | ||
| + | * SecRemoteRules | ||
| ===== Reasons/Concerns not support them ===== | ===== Reasons/Concerns not support them ===== | ||
| * The feature is not often used. | * The feature is not often used. | ||
| * The feature may slow down LiteSpeed considerably due to our single-thread event driven architecture. | * The feature may slow down LiteSpeed considerably due to our single-thread event driven architecture. | ||
| - | * Static file rules are skipped as they are unlikely to cause any real security issues. | + | * Requests to static files bypass mod_security scanning as they are unlikely to cause any real security issues. |