GoldenBookCover
commented
5 years ago Oops, seems I need to change the file extension, and upload them again. nginx.conf.txt test.php.txt website.conf.txt
Closed GoldenBookCover closed 5 years ago
GoldenBookCover
commented
5 years ago Oops, seems I need to change the file extension, and upload them again. nginx.conf.txt test.php.txt website.conf.txt
GoldenBookCover
commented
5 years ago Sorry I shouldn't commit it here, I'll commit a now issue in ModSecurity section.
Describe the bug The redirect action doesn't work. I wanted to redirect a php-leakage page back to the index page, but it never did. This is the rule I used in RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf file:
php leakage, redirect to index.
Logs and dumps Here are the DebugLogs (level 9), AuditLogs and Error logs I also attached the "test.php" file, which I accessed to test the rule. You can easily expect the output. The nginx.conf file is additional, in case that you'll want to have a look.
Steps to reproduce the behavior Just access /test.php page and it seemed to lost connection. You can have a try. https://www.misakaamazingelectricstudio.tk/test.php
Expected behavior It should redirect me back to the index page, but it didn't.
Server ModSecurity version (and connector): ModSecurity v3.0.3 Not sure, I only know it's v1.0.* WebServer: nginx-1.14.2 OS: CentOS Linux release 7.6.1810 (Core)
Rule Set OWASP ModSecurity Core Rule Set ver.3.2.0
Please let me know if you need any further information, thanks. access.log error.log modsec_audit.log modsec_debug.log