-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello,
I'm trying to toggle the logging of the post data of a certain page.
I'm using mod_security 1.8.7 with Apache 2.0.54. Config is below:
~ AddHandler application/x-httpd-php .php
~ SecAuditEngine On
~ SecAuditLog logs/audit_log
~ SecFilterEngine On
~ SecFilterDefaultAction "allow,nolog"
~ SecFilterScanPOST On
~ SecFilterSelective SCRIPT_FILENAME "!(/index.php)$" "allow,log"
It appears the 'nolog' option does not function the way I had it in mind.
I hope some of you can give me some pointers how to handle this. The
actual problem is that certain post data contains high sensitive
information that I wish to ban from the audit_log file.
Greetings,
Thomas.
- --
Name: Thomas Berton (ICT&O)
Email: tho...@ug...
URL: http://icto.ugent.be
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCw/ORZlbH+9NO2V0RAu36AJ9z7ZftCzCqlDFk/j3xisGOcVk+vQCfTeaM
G9qZm2/DdPeQML5l2v9U1E8=
=GW4X
-----END PGP SIGNATURE-----
|
