Re: [mod-security-users] Disable logging backend HTTP 403 mod_security
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Disable logging backend HTTP 403 mod_security
|
From: Ervin H. <ai...@gm...> - 2025-04-07 15:01:40
|
Hi Marcello, On Mon, Apr 07, 2025 at 11:10:34AM +0200, Marcello Lorenzi wrote: > Hi All, > we have a simple reverse proxy and we installed mod_security to check the > incoming traffic but we noticed a lot of APIs 403 backend errors in the > audit_log but they were correct for the application side. Is it possible to > disable the print of the backend 403 and have only the mod_security blocks? sorry to say but unfortunately there is only one response code, we can't distinguish it by its source. What I think is to put an extra response header in the backend side, and make a rule which checks that response header. If it exists (with a specified value), then turn off the audit.log for that transaction (ctl:auditLogEngine=Off). Or something similar... a. |
