Jean-Christophe CHENAILLER
Jean-Christophe CHENAILLER
Yes, I confirm the issue, you can fix it by adding the `i` flag to the regex used by the default highlighter in file [`bootstrap3-typeahead.js`](https://github.com/bassjobsen/Bootstrap-3-Typeahead/blob/master/bootstrap3-typeahead.js) on line [`316`](https://github.com/bassjobsen/Bootstrap-3-Typeahead/blob/fc2d5dce4a5406d9b924224e395d5647918707c7/bootstrap3-typeahead.js#L316), update the...
I would also appreciate this module (in the nginx-mainline version!)
Hello, if somebody needs help to reproduce the case (or fix my use case), please ping me :) I really need the corret http_code in the logs for better rule...
Here is a minimal setup you can try: ``` server { server_name nginx; listen nginx:80; # basically CRS setup include snippets/security.conf; location /auth { internal; modsecurity off; return 200; }...
Sorry, incomplet configuration in my test config log all, increase anomaly score ``` modsecurity_rules " SecAuditEngine On SecAction \"id:900112,phase:1,pass,nolog,setvar:tx.inbound_anomaly_score_threshold=80,setvar:tx.outbound_anomaly_score_threshold=5\" "; ``` `curl -I "http://nginx/404?t=phpinfo"` ``` HTTP/1.1 404 Not Found Date:...
OK, had to fix compilation of 1.0.3 against my system, but, yep, got 404 in log now!!! ```json { "transaction": { "client_ip": "10.0.9.96", "time_stamp": "Tue Dec 2 08:52:04 2025", "server_id":...
yes: without the `auth_request /auth;` 1.0.4 logs the code returned by the `proxy_pass` directive. actually, the [auth_request](https://nginx.org/en/docs/http/ngx_http_auth_request_module.html) makes an internal validation and should return 200 if OK, 403/401 if not....
example as explained in [previous comment](https://github.com/owasp-modsecurity/ModSecurity-nginx/issues/363#issuecomment-3594764125) : `curl -I "http://nginx/404?t=phpinfo"` => clients get status=404 auditlog says: `"http_code": 200,` I need the same code in auditlog that the client gets as...
So earlyhints, has been release in mainline, my understand is that actually this is not possible via `add_header X-Foo foo early;`, but only if setted by the backend response. my...