problem edit httpd-modsecurity.conf

hi
i have error in httpd/error_log :
ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On.

i insert cod (secStatusEngine on) in /etc/httpd/conf/extra/httpd-modsecurity.conf

after change , diplay error in cwaf → security engine :

Custom Mod Security configuration found!
Press “Update config” button to update it with values from this screen.
After update, backup of current configuration could be found in: /etc/httpd/conf/extra/httpd-modsecurity.conf.custom

i updated config, but again display error :frowning:

no problem? because i edited and changed : httpd-modsecurity.conf
no Interference and no problem ?
how to fix display error in cwaf → security engine
i using DirectAdmin
please answer me.
Thanks.

[attachment deleted by admin]

Hi

Are you sure you need status engine enabled?
Except from mod_security manual:

SecStatusEngine Description: Controls Status Reporting functionality. Uses DNS-based reporting to send software version information to the ModSecurity Project team. Version: Under testing at the branch: https://github.com/SpiderLabs/ModSecurity/tree/modsec_status Default: Off If SecStatusEngine is marked as On, the following information will be shared with the ModSecurity project team when the web server is started:

Anonymous unique id for the server
Version of:
ModSecurity
Web Server Software (Apache, IIS, Nginx, Java)
APR
Libxml2
Lua
PCRE

Error 'Custom Mod Security configuration found! ’ mean plugin found directives it not know how to handle.
It’s OK to use custom config but all consequences are your responsibility.
During saving custom configuration plugin try to do the best to save custom settings, but better to check result manually.
So if you sure you need ‘SecStatusEngine’ directive just ignore this error message, but check if plugin saved config in the right way.

Regards, Oleg

Thanks.

So if secStatusEngine=off —> no problem and good working CWAF and good security ?

In your opinion which one is better?
edit and change manually —>httpd-modsecurity.conf → secStatusEngine=on
or
just edit with CWAF → security engine ,and ----> secStatusEngine=off
What is the best way?

Hi

So if secStatusEngine=off ---> no problem and good working CWAF and good security ?
Yes
In your opinion which one is better? edit and change manually --->httpd-modsecurity.conf --> secStatusEngine=on or just edit with CWAF --> security engine ,and ----> secStatusEngine=off

Edit with CWAF → security engine.
secStatusEngine not improve your security.

Regards, Oleg

Thank you very much