Nginx + modsecurity - Only Warnings in log file
See original GitHub issue_Issue originally created by user vikas027 on date 2017-05-15 09:49:31. Link to original issue: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/777._
Hey, I am noob in configuring ModSecurity. Following this tutorial, I have configured nginx v1.13.0 with ModSecuriy v2.9.1 and OWASP v3.0.2.
It seems to be configured well as I can see warnings for issues in ModSecurity Audit file, but I am not sure how to block threats. I have tried placing below line in /etc/nginx/modsec/modsecurity.conf
and /etc/nginx/modsec/main.conf
in vain.
SecDefaultAction "phase:2,log,auditlog,deny,status:403,tag:'SLA 24/7'"
Also, I do have SecRuleEngine On
in my modsecurity.conf
Not sure, what I am missing. 😦
Issue Analytics
- State:
- Created 3 years ago
- Comments:12
Top Results From Across the Web
Modsecurity + Nginx Only warnings in log file, not blocking ...
I have Nginx 1.14.0, Modsecurity 3 with nginx connector. Owasp 3.0.0. Ubuntu -14.04. Modsecurity is not blocking attacks although warning ...
Read more >ModSecurity: Logging and Debugging - NGINX
In this blog post, we describe the basics of logging and debugging with ModSecurity and provide audit log and debug log examples.
Read more >ModSecurity (in DetectionOnly mode) is not giving useful Logs ...
Issue : Is there a way I can get some useful information in the ModSecurity Logs, when I enable ModSecurity in Detection Only...
Read more >ModSecurity / CRS 3 - Tons of 920100 Warnings. Need Help ...
The Audit Log is set to "Relevant Only" to show Warning and Errors. I found there are just too many Warnings showing up....
Read more >Analyzing the mod security logs - Infosec Resources
It means all Apache error logs, warnings, fatal errors etc, and the Mod Security error logs are found in the same file, which...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
User dune73 commented on date 2017-05-16 04:24:44:
Great to hear it worked for you. Good luck with CRS!
User dune73 commented on date 2017-05-15 12:44:38:
OK. It looks like a bug. Thank you for your cooperation (and reporting this in the first place). Will be back.