ModSecurity (version 2.8 64-bit) on IIS doesn't seem to be protecting my website.
Installation was successful but protection is not taking effect.
Details:
- Microsoft Visual C++ 2013 Redistribution (x64) - 12.0.21005 has been installed
- ModSecurity log was not generated even though SecDebugLog path was set to: C:\inetpub\logs\ and SecDebugLogLevel was set to 9
- SecRuleEngine was set to On
- web.config was added with: <ModSecurity enabled="true" configFile="C:\Program Files\ModSecurity IIS\modsecurity_iis.conf" />
- Simple XSS test showed that the protection was not taking effect
- Windows Applilcation logs showed the following information (Level is Information, not Error):
The description for Event ID 0 from source ModSecurity cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
ModSecurity: LIBXML compiled version="2.9.1" -- (a)
- Section (a) involved different components:
- ModSecurity: LUA compiled version="Lua 5.1"
- ModSecurity: PCRE compiled version="8.33 "; loaded version="8.33 2013-05-28"
- ModSecurity: APR compiled version="1.4.8"; loaded version="1.4.8"
- ModSecurity for IIS (STABLE)/2.8.0 (http://www.modsecurity.org/) configured.
- Tried installing on IIS 7 (Windows Server 2008 R2) & IIS 8.5 Windows 8.1. Both giving the same error
Please help