Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix error_page internal redirect false positive logging #204

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Fix error_page internal redirect false positive logging #204

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
97a5835
Fix error_page internal redirect false positive logging
jeremyjpj0916 May 22, 2020
a6e91a0
Merge branch 'master' into master
jeremyjpj0916 Nov 5, 2020
57c1082
Merge branch 'master' into master
jeremyjpj0916 May 30, 2024
4368c58
Update CHANGES
jeremyjpj0916 May 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 8 additions & 3 deletions CHANGES
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,9 @@
v1.0.4 - 2024-May-29
--------------------

- Fix request logging false positives due to error_page internal redirects and improve performance by not evaluating again post redirect
[Issue #182 - @jeremyjpj0916]

v1.0.3 - 2022-May-24
--------------------

Expand All @@ -17,7 +23,7 @@ v1.0.2 - 2021-Jun-02
[Issue #216 - @krewi1, @martinhsv]
- Fix config setting not respected: client_body_in_file_only on
[Issue #187 - @martinhsv]
- Fix audit_log not generated for disruptive actions
- Fix audit_log not generated for disruptive actions
[Issue #170, #2220, #2237 - @victorhora]
- Exit more gracefully if uri length is zero
[@martinhsv]
Expand All @@ -27,7 +33,7 @@ v1.0.1 - 2019-Dec-16

- Fixed obtaining of server_addr
[Issue #167, #168 - @defanator]
- Avoid processing of subrequests initiated by the error_page
- Avoid processing of subrequests initiated by the error_page
[Issue #76, #164, #165 - @defanator]
- Tests: extend request body tests
[Issue #142,#143 - @defanator]
Expand Down Expand Up @@ -67,4 +73,3 @@ v1.0.0 - 2017-Dec-20
--------------------

- First version of ModSecurity-nginx connector

6 changes: 5 additions & 1 deletion src/ngx_http_modsecurity_pre_access.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,11 @@ ngx_http_modsecurity_pre_access_handler(ngx_http_request_t *r)
ngx_http_modsecurity_ctx_t *ctx;
ngx_http_modsecurity_conf_t *mcf;


if (r->error_page) {
return NGX_DECLINED;
}

dd("catching a new _preaccess_ phase handler");

mcf = ngx_http_get_module_loc_conf(r, ngx_http_modsecurity_module);
Expand Down Expand Up @@ -227,4 +232,3 @@ ngx_http_modsecurity_pre_access_handler(ngx_http_request_t *r)
#endif
return NGX_DECLINED;
}

7 changes: 6 additions & 1 deletion src/ngx_http_modsecurity_rewrite.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,11 @@ ngx_http_modsecurity_rewrite_handler(ngx_http_request_t *r)
ngx_http_modsecurity_ctx_t *ctx;
ngx_http_modsecurity_conf_t *mcf;


if (r->error_page) {
return NGX_DECLINED;
}

mcf = ngx_http_get_module_loc_conf(r, ngx_http_modsecurity_module);
if (mcf == NULL || mcf->enable != 1) {
dd("ModSecurity not enabled... returning");
Expand Down Expand Up @@ -227,4 +232,4 @@ ngx_http_modsecurity_rewrite_handler(ngx_http_request_t *r)


return NGX_DECLINED;
}
}
Loading