Skip to content

added disable error log support #360

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

added disable error log support #360

wants to merge 3 commits into from

Conversation

fatihusta
Copy link

modified old PR

#327

@fatihusta
added disable error log support
1494b25 
modified old PR

owasp-modsecurity#327

Signed-off-by: Fatih USTA <fatihusta86@gmail.com>
@airween
Copy link
Member

airween commented Aug 13, 2025

Hi @fatihusta,

many thanks for update the mentioned patch.

Could you add a new test case to the CI workflow, like this one? Just turn on this new feature, send an attack which triggers a rule, and check that the error.log is empty.

Thanks!

@airween airween mentioned this pull request Aug 13, 2025
Closed
@tomsommer
Copy link

tomsommer commented Aug 13, 2025
edited
Loading

Thank you for this. I'm already using it :)

My only feedback would be that the name of the variable is a bit confusing, you turn it ON to turn something OFF. modsecurity_use_error_log with default on would maybe make more sense?

Just my two cents

@fatihusta
added modsecurity_disable_error_log test cases
0d58757 
Signed-off-by: Fatih USTA <fatihusta86@gmail.com>
@airween
Copy link
Member

airween commented Aug 13, 2025

@fatihusta thanks for adding the test.

What do you think about @tomsommer's idea. I think you should consider it - I agree with him, the current implementation has a bit weird logic.

Also, after we agreed what should be the final keyword, please add the documentation into our README (README is part of the repository).

@fatihusta
directive changed as modsecurity_use_error_log
585dc82 
- tests are changed with new directive name
- nginx.conf updated with new directive name
- added doc

Signed-off-by: Fatih USTA <fatihusta86@gmail.com>
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@fatihusta
Copy link
Author

Hi
I changed the directive name as modsecurity_use_error_log. Default is on.

Thanks @tomsommer @airween

@airween
Copy link
Member

airween commented Aug 15, 2025

Hi I changed the directive name as modsecurity_use_error_log. Default is on.

Thanks - I'm going to check this soon. Until then, could you add this new keyword into README.md?

@fatihusta
Copy link
Author

Hi I changed the directive name as modsecurity_use_error_log. Default is on.

Thanks - I'm going to check this soon. Until then, could you add this new keyword into README.md?

I already added modsecurity_use_error_log key into README.md.

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@fatihusta @airween @tomsommer