ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
Describe the bug
Although we changed
SecStatusEngine
default value toOff
(see #3092), the directive is already does what we expect - see the documentation.Expected behavior
As we discussed on Slack channel, it would be fine to remove this feature in background like in libmodsecurity3.
The parser should allow the directive but just simple ignore it.
Server (please complete the following information):