Hey Charles, You can use the nolog action to prevent ModSecurity from adding entries. For instance: SecRule ARGS:test "Test" "block,status:403,nolog,id:1"
Chaim Sanders Security Researcher, SpiderLabs Trustwave | SMART SECURITY ON DEMAND www.trustwave.com<http://www.trustwave.com/> From: owasp-modsecurity-core-rule-set-boun...@lists.owasp.org [mailto:owasp-modsecurity-core-rule-set-boun...@lists.owasp.org] On Behalf Of Charles Farinella Sent: Tuesday, June 2, 2015 10:38 AM To: owasp-modsecurity-core-rule-set@lists.owasp.org Subject: [Owasp-modsecurity-core-rule-set] How to prevent request body logging? We are seeing request bodies logged to our nginx logs. mod_security documentation says that "Messages at levels 1-3 are always copied to the Apache error log." Does anyone know how we can prevent this behavior? -- Charles Farinella Systems Administrator Appropriate Solutions, Inc. 603-924-6079 ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
