Closed cayirburak closed 1 year ago
i'm sorry i do not understand this issue. can you make an example? are you referring to the ids that are defined by naxsi?
i'm sorry i do not understand this issue. can you make an example? are you referring to the ids that are defined by naxsi?
Thanks for your quick reply.
Nginx can generate unique identifier for every request ($request_id) . I want to use this in error log which is generated by naxsi.
Example nginx access log : 200 [27/Sep/2021:12:12:39 +0300] ..101.24-- ..101.24 GET /?fname=%22+or+%22%22%3D%22&lname= HTTP/1.1 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36 c85f0187b2cf1b15c24b6133b671f431
Example naxsi error log : 2021/09/27 12:12:39 [error] 24029#0: *27151 NAXSI_FMT: ip=..101.24&server=..........&uri=/&learning=0&vers=0.56&total_processed=1&total_blocked=1&block=1&cscore0=$XSS&score0=64&cscore1=$SQL&score1=32&zone0=HEADERS&id0=1315&var_name0=cookie&zone1=ARGS&id1=1001&var_name1=fname, client: ..101.24, server: ......., request: "GET /?fname=%22+or+%22%22%3D%22&lname= HTTP/1.1", host: "****..:9090"
Customized log which i want : 2021/09/27 12:12:39 [error] 24029#0: *27151 NAXSI_FMT: ip=..101.24&server=..........&uri=/&learning=0&vers=0.56&total_processed=1&total_blocked=1&block=1&cscore0=$XSS&score0=64&cscore1=$SQL&score1=32&zone0=HEADERS&id0=1315&var_name0=cookie&zone1=ARGS&id1=1001&var_name1=fname, client: ..101.24, server: ......., request: "GET /?fname=%22+or+%22%22%3D%22&lname= HTTP/1.1", host: "****..:9090" c85f0187b2cf1b15c24b6133b671f431
oh. i do not think that naxsi supports this. it could definitely be useful. let me change this request into a feature request.
I'm looking forward to this feature. Thank you.
I'm so glad to read this development topic. I also need this development. I tried to do this for a long time, but I couldn't.
This feature is available in ModSecurity, the unique id generated by nginx can be transferred by editing in nginx.conf. I added the example as I thought it might be helpful.
https://github.com/SpiderLabs/ModSecurity-nginx#modsecurity_transaction_id
Thanks @wargio @cayirburak
I use naxsi with nginx. I want to add request id which is used by nginx to nginx error logs when blocked by naxsi. Is it possible ? Thanks for help.