ModSecurity-nginx | ModSecurity v3 Nginx Connector | Content Management System library
kandi X-RAY | ModSecurity-nginx Summary
kandi X-RAY | ModSecurity-nginx Summary
The old version uses ModSecurity standalone, which is a wrapper for Apache internals to link ModSecurity to nginx. This current version is closer to nginx, consuming the new libmodsecurity which is no longer dependent on Apache. As a result, this current version has less dependencies, fewer bugs, and is faster. In addition, some new functionality is also provided - such as the possibility of use of global rules configuration with per directory/location customizations (e.g. SecRuleRemoveById).
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of ModSecurity-nginx
ModSecurity-nginx Key Features
ModSecurity-nginx Examples and Code Snippets
Community Discussions
Trending Discussions on ModSecurity-nginx
QUESTION
I am leveraging the ModSecurity WAF to help block tx's deemed dangerous on NGINX: https://github.com/SpiderLabs/ModSecurity https://github.com/SpiderLabs/ModSecurity-nginx
My issue can be found here: https://github.com/SpiderLabs/ModSecurity-nginx/issues/182
The TLDR of my problem is the nginx error_page
directive resets the HTTP Request Method Header sent by the originating client during its redirect to GET. This causes false positive logs with the WAF to report client sent an HTTP Body with GET etc. when they really sent a POST and NGINX hits the error_page
redirect due to some case with the upstream timing out on a reverse proxy call.
To fix this I need to hack in or PR something to this file section seemingly: https://github.com/SpiderLabs/ModSecurity-nginx/blob/master/src/ngx_http_modsecurity_rewrite.c#L145
With the goal of something like this in sudo code:
...ANSWER
Answered 2020-May-14 at 19:56Thanks for sharing! We solved some similar problems while developing Wallarm Nginx module. The short answer is yes, the wrong Nginx phase was used here. The reason is simple - this is a ModSecurity port from Apache, where Nginx phases are irrelevant.
I'll ask our development team if we can help with the patch.
QUESTION
I have a json log of modsecurity nginx. I have sent it to Elasticsearch. Now I want write a python script to get data from Elasticsearch and use this to trigger Zabbix monitor.
But I am confused with this. Here is my data when I get it to Elasticsearch
...ANSWER
Answered 2020-Mar-17 at 07:47Easy way in Python using json module
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install ModSecurity-nginx
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page