|
From: homesh j. <ho...@gm...> - 2021-10-18 05:56:07
|
Hi Azurit, Thank you very much for the suggestion on antivirus plugin. I tested the antivirus plugin with CRS I have following queries Is CRS a prerequisite for this plugin ? as I don't use CRS I want to use this without CRS. I understand this plugin rule uses LUA script. I was able to see the virus name in the logs, however what is the variable name for the filename which was scanned. so I will call that variable inside the TAG or msg Thanks, Homesh On Mon, Oct 4, 2021 at 1:40 PM homesh joshi <ho...@gm...> wrote: > Thanks will test this and update you soon. > > On Mon, 4 Oct, 2021, 1:33 pm , <az...@po...> wrote: > >> Hi, >> >> if you are using CRS, please check this: >> https://github.com/coreruleset/antivirus-plugin >> >> azur >> >> >> Citát homesh joshi <ho...@gm...>: >> >> > Hi All, >> > >> > Hope you all are well. >> > I have done the Modsecurity and ClamAV integration and am now able to >> block >> > the malicious file upload. I wanted to get the filename and virus name >> > details inside modsec audit logs. >> > >> > I am not able to find any documentation on this. Can you please share >> any >> > document or tutorial on this ? >> > >> > Thanks, >> > Homesh >> >> >> >> >> >> _______________________________________________ >> mod-security-users mailing list >> mod...@li... >> https://lists.sourceforge.net/lists/listinfo/mod-security-users >> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: >> http://www.modsecurity.org/projects/commercial/rules/ >> http://www.modsecurity.org/projects/commercial/support/ >> > |
