[mod-security-users] nolog rule still logs
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[mod-security-users] nolog rule still logs
|
From: Bren <umu...@pr...> - 2021-04-03 17:39:03
|
Hello, I've been working to roll out ModSecurity on Nginx (OpenResty 1.19.3.1 / nginx-1.19.3). I compiled the Nginx connector against the Debian 10 version of libmodsecurity (v3.0.3, but this happens when using v3/master as well). Using the stock unmodified modsecurity.conf-recommended. I added this line for haproxy health checks: SecRule REQUEST_FILENAME "/waf_health_check" "id:1000,nolog,deny" Even with nolog this rule still logs to the audit log and the Nginx error log. I've tried every combo of options I could find to get this to stop logging but for some reason it still gets logged. As far as I can tell from the docs, nolog should prevent this rule match from appearing in any logs. I shouldn't need anything else but this. What am I missing? Bren |
