Re: [mod-security-users] Variable that holds scheme
From: Arlen W. <pu...@ar...> - 2022-04-15 18:29:51
Just a couple of thoughts:

You could try looking for the request header for HSTS (Strict-Transport-Security). Won’t catch all browsers, but if you use it on your server it’ll catch most of them. (And why wouldn’t you use it?)

Doesn’t REQUEST_URI_RAW work for this? I thought it gave the full URI as a text string.

Have fun,
Arlen

> On Apr 14, 2022, at 3:12 AM, Ehsan Mahdavi <ehs...@gm...> wrote:
>
> Hi Ervin,
>
> The env.ssl_cipher or sth like that sounds good, if it works in Nginx. I'll try that and get back to you.
>
>> On Wed, Apr 13, 2022 at 3:51 PM Ervin Hegedüs <ai...@gm...> wrote:
>> Hi there,
>>
>> On Wed, Apr 13, 2022 at 12:04:39PM +0100, Andrew Howe wrote:
>> >
>> > What are you trying to achieve? Are you trying to answer the question
>> > "did this request come in as plain text HTTP or has TLS termination
>> > been performed", and then treat the two cases differently?
>>
>> maybe (the official poster) should try the ENV variable:
>>
>> https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-(v2.x)#ENV
>>
>> See the example:
>>
>> # Reading an environment variable from other Apache module (mod_ssl)
>> SecRule TX:ANOMALY_SCORE "@gt 0" "phase:5,id:16,msg:'%{env.ssl_cipher}'"
>>
>> and the comment below:
>>
>> Note : Use setenv to set environment variables to be accessed by Apache.
>>
>> As I know, ENV works in libmodsecurity too, but I have no idea
>> how it can be set through Nginx (if the server is it).