Skip to content

added disable error log support #360

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

added disable error log support #360

wants to merge 3 commits into from
+68 −5

Conversation

fatihusta
Copy link

modified old PR

#327

@fatihusta
added disable error log support
1494b25 
modified old PR

owasp-modsecurity#327

Signed-off-by: Fatih USTA <[email protected]>
@airween
Copy link
Member

airween commented Aug 13, 2025

Hi @fatihusta,

many thanks for update the mentioned patch.

Could you add a new test case to the CI workflow, like this one? Just turn on this new feature, send an attack which triggers a rule, and check that the error.log is empty.

Thanks!

@airween airween mentioned this pull request Aug 13, 2025
Closed
@tomsommer
Copy link

tomsommer commented Aug 13, 2025
edited
Loading

Thank you for this. I'm already using it :)

My only feedback would be that the name of the variable is a bit confusing, you turn it ON to turn something OFF. modsecurity_use_error_log with default on would maybe make more sense?

Just my two cents

@airween
Copy link
Member

airween commented Aug 13, 2025

@fatihusta thanks for adding the test.

What do you think about @tomsommer's idea. I think you should consider it - I agree with him, the current implementation has a bit weird logic.

Also, after we agreed what should be the final keyword, please add the documentation into our README (README is part of the repository).

@fatihusta
directive changed as modsecurity_use_error_log
585dc82 
- tests are changed with new directive name
- nginx.conf updated with new directive name
- added doc

Signed-off-by: Fatih USTA <[email protected]>
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@fatihusta
Copy link
Author

Hi
I changed the directive name as modsecurity_use_error_log. Default is on.

Thanks @tomsommer @airween

@airween
Copy link
Member

airween commented Aug 15, 2025

Hi I changed the directive name as modsecurity_use_error_log. Default is on.

Thanks - I'm going to check this soon. Until then, could you add this new keyword into README.md?

@fatihusta
Copy link
Author

Hi I changed the directive name as modsecurity_use_error_log. Default is on.

Thanks - I'm going to check this soon. Until then, could you add this new keyword into README.md?

I already added modsecurity_use_error_log key into README.md.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@fatihusta @airween @tomsommer