Re: [mod-security-users] filtering with no log
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] filtering with no log
|
From: David De M. <bio...@ya...> - 2006-02-16 16:23:01
|
Hi Ivan, Well as far I can see it is pretty much what I need. I will do some tests. And well, I'll be reading the doc carefully again ;-) Thanks a lot! Best regards, David --- Ivan Ristic <iv...@we...> a écrit : > David De Maeyer wrote: > > Hi all, > > > > I have installed mod_security on one of our > corporate > > servers (mod_security: 1.9.2, apache: 2.0.55, OS: > > FreeBSD 6, PHP: 5.1.2) and it works fine. > > > > I first installed mod_security for its ability to > log > > POST requests. This works fine for me. > > > > I was wondering if I could use it for filtering > and > > rejecting all the requests which are not > > identified/addressed by/to a specific web > application; > > logging only the successful requests into > access.log. > > > > Say a client sends a POST request containing a > > variable "origin" to a PHP script called > "test.php" > > served by the server on which mod_security is > > installed and configured. > > How about this: > > # deny everything quietly > SecFilterSelective REMOTE_ADDR !^$ > deny,status:404,nolog > > # apply special rules to /test.php only > <Location /test.php> > # start with no rules > SecFilterInheritance Off > > # you did say "POST" only, right? > SecFilterSelective REQUEST_METHOD "^POST$" > chain > # variable "origin" not empty > SecFilterSelective ARG_origin !^$ > allow,nolog,setenv:valid_request > > # deny everything else quietly > SecFilterSelective REMOTE_ADDR !^$ > deny,status:404,nolog > </Location> > > # Custom Apache log that logs only accepted > requests > CustomLog logs/custom_access_log \ > "%h %l %u %t \"%r\" %>s %b" \ > env=valid_request > > -- > Ivan Ristic, Technical Director > Thinking Stone, http://www.thinkingstone.com > ModSecurity: Open source Web Application Firewall > ___________________________________________________________________________ Nouveau : téléphonez moins cher avec Yahoo! Messenger ! Découvez les tarifs exceptionnels pour appeler la France et l'international. Téléchargez sur http://fr.messenger.yahoo.com |
