ModSecurity

ModSecurity copied to clipboard

Problem in retrieving collections from Persistant Storage

2

In collection_retrieve_ex(), we check if a key exist with the name "KEY": if (apr_table_get(col, "KEY") == NULL) ... In collection_store(), we store the key with the name "__KEY": var_key =...

marcstern

fix memory patch, should close #2710

6

liudongmiao

rules with multiMatch may omit 'tag' information in audit log output

2

Hi, I wrote a simple program and detect the potential attacks, and I find that rule message(or log data) I get from callback differs. > > [log:ModSecurity: Warning. Matched "Operator...

chenjinlei

ModSecurity not putting some transactions to audit log

8

**Describe the bug** We are facing a problem when in certain cases ModSecurity is not tracking the blocking in the audit log despite we have set it as a default...

PeterP55P

PCRE2 support still requires PCRE1

3

libmodsecurity 3.0.7 compiles fine using `--with-pcre2` only when both pcre1 and pcre2 dev packages are installed, which is wrong... Moreover, the resulting binary links against both libraries... which is further...

dvershinin

Feature request: adding severity in ModSecurityIntervention

6

Hi, I think would be very useful adding in `ModSecurityIntervention` a `severity` field populated by disruptives `evaluate` function. In this way a connector can use the `intervention.log` based the `severity`...

FedericoHeichou

Unable to turn off writing to the server log even set to `nolog,noauditlog`

7

**Describe the bug** I have set this to return status 418 but i do not want any logs inside the nginx ``` SecRule REQUEST_HEADERS"@contains vip_checking" "phase:2,id:70010,deny,nolog,noauditlog,status:418" ``` But it somehow...

Taymindis

the rule 210710 is fired but there is no audit log for it

5

Hi, based on modsecurity debug logs, the rule 210710 is fired by executing a curl command that contains a malicious content-type but related audit log is not created. the curl...

ssh81

allow logging to systemd journal

6

`SecAuditLog` currently does not allow logging to systemd journal. Or at least that's not documented. Could you please allow logging to systemd journal? Might be simple to implement. For example...

adrelanos

build broken on Debian bullseye - ../libtool: line 1733: 84059 Aborted (core dumped) ar cr .libs/libmodsecurity.a

11

``` git clone --depth 1 -b v3/master --single-branch https://github.com/SpiderLabs/ModSecurity ``` ``` cd ModSecurity ``` ``` ~/ModSecurity$ ./build.sh libtoolize: putting auxiliary files in '.'. libtoolize: copying file './ltmain.sh' libtoolize: putting macros...

adrelanos