Skip to content

SecDebugLog does not work. #17

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
olekstumedia opened this issue Sep 14, 2016 · 5 comments
Closed

SecDebugLog does not work. #17

olekstumedia opened this issue Sep 14, 2016 · 5 comments
Assignees
@zimmerle

Comments

@olekstumedia
Copy link

olekstumedia commented Sep 14, 2016
edited
Loading

Has this in my site vhost config file for Nginx. By some reason debug log does not work ... although audit one works. What could be the reason? how to troubleshoot such issues(( It looks like a bug

  modsecurity on;

  location / {
_##  root /var/www/html;
##  modsecurity_rules_file /etc/nginx/modsecurity-3/nginx-modsecurity-complete.conf;
##   modsecurity_rules_file /etc/nginx/modsec3/modsecurity.conf;_
  modsecurity_rules '
    SecRuleEngine On
    SecDebugLog /tmp/modsec_debug.log
    SecDebugLogLevel 9
    SecRule ARGS "@contains test" "id:1,phase:2,t:trim,block"
  ';
  }
@olekstumedia
Copy link
Author

and it looks like it does not work... I think the rule should block such URLs like https://mysite.com/test

@zimmerle zimmerle self-assigned this Oct 6, 2016
@p0pr0ck5
Copy link
Contributor

I see the same issue. The nginx worker process is actually writing debug log lines to stdout. Additionally, the test executables provided with libmodsecurity also write to stdout even when SecDebugLog is configured, though I see several open() calls to the configured debug log file path. Perhaps a bug in debug_log_writer or debug_log_writer_agent?

@zimmerle
Copy link
Contributor

Hi @p0pr0ck5,

I am looking into this bug at this very moment. I will have more information in a few minutes.

zimmerle added a commit to owasp-modsecurity/ModSecurity that referenced this issue Oct 18, 2016
@zimmerle
Refectoring on the DebugLog mechanism
678a97d 
The DebugLog implementation was modified to use shared memory
to keep the information about the opened files and file handles.
The modification was necessary to avoid race-conditions. This
commit also closes the issue owasp-modsecurity/ModSecurity-nginx#17
@zimmerle
Copy link
Contributor

Hi @p0pr0ck5 and @olekstumedia,

Took some time but the problem should be fixed by: owasp-modsecurity/ModSecurity@678a97d

@mimugmail mimugmail mentioned this issue Feb 4, 2017
Closed
@vishaalgc
Copy link

Im facing similar issue, Not able to find anything from SecDebugLog in the defined location. 0 lines in the file. Is this issue fixed ? if so whats the solution ? @olekstumedia @zimmerle

@dennus dennus mentioned this issue Mar 23, 2018
Closed
@AnoopAlias AnoopAlias mentioned this issue Feb 3, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@zimmerle zimmerle

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@zimmerle @p0pr0ck5 @vishaalgc @olekstumedia