why 403 FORBIDDEN message does not appear, when activating modsecurity on apache ?
I turn on mod security module SQL Injection and XSS Attack. and then I try to attack with a simple script like 'or true - and <script> (no) </ script>, when I've been attacked but why FORBIDDEN 403 message does not appear? when I checked in the attack error.log already visible. What is wrong ? i use ubuntu server with apache2 web server. please answer. Thank you
sorry my English is not good.