[mod-security-users] toggle logging of post payload
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[mod-security-users] toggle logging of post payload
|
From: Thomas B. <tho...@ug...> - 2005-06-30 13:28:56
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, I'm trying to toggle the logging of the post data of a certain page. I'm using mod_security 1.8.7 with Apache 2.0.54. Config is below: ~ AddHandler application/x-httpd-php .php ~ SecAuditEngine On ~ SecAuditLog logs/audit_log ~ SecFilterEngine On ~ SecFilterDefaultAction "allow,nolog" ~ SecFilterScanPOST On ~ SecFilterSelective SCRIPT_FILENAME "!(/index.php)$" "allow,log" It appears the 'nolog' option does not function the way I had it in mind. I hope some of you can give me some pointers how to handle this. The actual problem is that certain post data contains high sensitive information that I wish to ban from the audit_log file. Greetings, Thomas. - -- Name: Thomas Berton (ICT&O) Email: tho...@ug... URL: http://icto.ugent.be -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCw/ORZlbH+9NO2V0RAu36AJ9z7ZftCzCqlDFk/j3xisGOcVk+vQCfTeaM G9qZm2/DdPeQML5l2v9U1E8= =GW4X -----END PGP SIGNATURE----- |
