Re: [mod-security-users] Log after mod_rewrite
Brought to you by:
victorhora,
zimmerletw
From: Brian R. <Bri...@br...> - 2008-02-25 16:36:39
|
As you have seen, ModSecurity audits the initial request (ie what came from the browser). This is by design so that you can have the "real" request in the audit log. -B China wrote: > Hi, > I've an Apache 2.1.6 web server with mod_rewrite and mod_security 2.1.3. > I would log in the AuditLog the request URL after the rewrite action, > but I can log only the URL send to Apache from web browser. > I've tried with mod_rewrite "PT" flag, changing the modules order in > Apache configuration file, setting up a SecRule to log in phase 5, but > the behaviour doesn't change. > > How can I obtain the intentional behaviour? > Thanks in advance. > > -- > > Davide Belloni > > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Microsoft > Defy all challenges. Microsoft(R) Visual Studio 2008. > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ > > > ------------------------------------------------------------------------ > > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users -- Brian Rectanus Breach Security |