Re: [mod-security-users] Strange Logs
From: Ivan R. <iv...@we...> - 2005-06-28 15:48:08
Christian Martorella wrote:
> Ivan Ristic wrote:
>
>> Christian Martorella wrote:
>>
>>> Hi, I was trying some logs for the modsecurity Console, and I found
>>> these entries (generated by Nikto):
>>> Why is there no Modsecurity_message?
>>> Why is there no Action?
>>
>> modsecurity 1.9dev2 logs certain requests based only on the
>> response status code (I will change this to be just an option before
>> the final 1.9). So it is probable that Apache rejected
>> those requests before they reached mod_security. You can verify
>> this theory by looking at the debug log (at level 2 or more).
>>
> Fine, so why did Apache reject those requests before they reached
> modsecurity? :)

Because at the moment mod_security runs last, just before the
handler is run. I am thinking about moving mod_security to run first,
but only in v2. It's not really clear which option is better. For
example, if we run very early we don't get to access Apache's
per-context configuration (e.g. <Location>). So in order to retain
the same functionality we have now, the whole configuration mechanism
would have to be replicated internal to modsecurity.

--
Ivan Ristic
Apache Security (O'Reilly) - http://www.apachesecurity.net
Open source web application firewall - http://www.modsecurity.org