Closed mean-cj closed 1 year ago
Hello @mean-cj ,
In summary, it looks like the issue is that:
a) you have specified in ModSecurity configuration, /tmp
as the directory, but
b) because of your use of PrivateTmp, the actual directory is /tmp/<some directory name>/tmp
When the SecRule attempts to read the file, it doesn't know to look for (b), and is assuming that the config in (a) specifies the directory fully.
One alternative you could consider, is to not use /tmp
for this functionality. For example you could use a location like /opt/modsecurity/var/upload/
Hi
Nginx with modsecurity , @inspectFile not working because clamdscan scan file inside /tmp , result is error "No such file or directory"
but in reality nginx write temporary upload file to privateTmp directory.
Nginx temporary file upload to privateTmp directory.
runav.conf
runav.pl
ModSecurity ::: modsec_debug.log
ll /tmp/20230518-164558-168440315843.733775-file-pbzXzg
Add ms_dbg_a() to src/operators/inspect_file.cc for debug
please merge this function to master It's great to see the result.