Re: [mod-security-users] Variable that holds scheme
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Variable that holds scheme
|
From: Ehsan M. <ehs...@gm...> - 2022-04-14 08:11:10
|
Hi ervin, The env.ssl_cipher or sth like that sounds good, if it works in Nginx. I'll try that and get back to you. On Wed, Apr 13, 2022 at 3:51 PM Ervin Hegedüs <ai...@gm...> wrote: > Hi there, > > On Wed, Apr 13, 2022 at 12:04:39PM +0100, Andrew Howe wrote: > > > > What are you trying to achieve? Are you trying to answer the question > > "did this request come in as plain text HTTP or has TLS termination > > been performed", and then treat the two cases differently? > > may be (the official poster) should try the ENV variable: > > https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-(v2.x)#ENV > > See the example: > > # Reading an environment variable from other Apache module (mod_ssl) > SecRule TX:ANOMALY_SCORE "@gt 0" "phase:5,id:16,msg:'%{env.ssl_cipher}'" > > > and the comment below: > > Note : Use setenv to set environment variables to be accessed by Apache. > > > As I know, ENV works in libmodsecurity too, but I have no idea > how can it set through Nginx (if the server is it). > > > > a. > > > > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ > -- regards Ehsan Mahdavi Computer Engineering Ph.D. |
