Re: SecWebAppId, more info please...

On 11/11/06, Shane Lahey <s.lahey@xxxxxxxxxxxxx> wrote:
> Hello mod-security-users,
>
> I was wondering if someone could give a detailed example of how
> SecWebAppId should be used.
>
> Also, i was wondering if it is a good idea to give each
> vhost their own SecWebAppId.. sorry if this is a stupid question, im
> just not 100% sure what qualifies as a single web application.

SecWebAppId is relevant in two cases:

1. You are logging transactions/alerts to the database and you want to
use the web application ID to search only the transactions belonging
to that application.

2. You are using the data persistence facility (collections SESSION
and USER) and you need to avoid collisions between sessions and users
belonging to different applications.

Both things are happening automatically and you only need to provide a
unique ID for every web application you are about.

As for the definition of a web application - it's completely up to
you. There are no rules. Whatever you see as a single space could be
treated as a "web application" in this context.

-- 
Ivan Ristic

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV