Note about log level info

[studersi]

One issue that came up is that on nginx ModSecurity logs on log level info. So you need to log at least on info to be able to see the rule violations.

As this is rather high and people often have a lower log level, it can lead to confusion as they expect ModSecurity to intervene but do not see the corresponding log entries.

In the tutorial, this is not explained explicitly even though log level infois used:

error_log         logs/error.log info;

[dune73]

ACK. Will fix. (But don't hold your breath. These tutorials are quite out of date and I need to overhaul them.)