Re: [mod-security-users] toggle logging of post payload
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] toggle logging of post payload
|
From: Ivan R. <iv...@we...> - 2005-07-04 15:46:04
|
Thomas Berton wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hello, > I'm trying to toggle the logging of the post data of a certain page. > I'm using mod_security 1.8.7 with Apache 2.0.54. Config is below: > > ~ AddHandler application/x-httpd-php .php > ~ SecAuditEngine On > ~ SecAuditLog logs/audit_log > ~ SecFilterEngine On > ~ SecFilterDefaultAction "allow,nolog" > ~ SecFilterScanPOST On > ~ SecFilterSelective SCRIPT_FILENAME "!(/index.php)$" "allow,log" > > It appears the 'nolog' option does not function the way I had it in mind. > I hope some of you can give me some pointers how to handle this. The > actual problem is that certain post data contains high sensitive > information that I wish to ban from the audit_log file. Try using "SecAuditEngine RelevantOnly" instead. -- Ivan Ristic Apache Security (O'Reilly) - http://www.apachesecurity.net Open source web application firewall - http://www.modsecurity.org |
