1 Feb 21:23
The 'exec' Action and Available Variables
Ken S. <shawing <at> gmail.com>
2010-02-01 20:23:52 GMT
2010-02-01 20:23:52 GMT
My question is about which variables are available to scripts running from the 'exec' action. I had posted earlier about wanting to log all POST data to a file separate from the Apache error_log. (http://article.gmane.org/gmane.comp.apache.mod-security.user/7099) Ryan was kind enough to point me to the 'exec' action in the documentation. So I began developing a Bash script to handle this for me; Bash is the most light-weight language that I know. My script works exactly as I want it when I run it as the "action" from a web form, but does not capture any POST data when run from as the exec action from my rule, but it does log all the other data from the script; i.e date, referrer, etc. You can see it at: http://www.imacollector.com/test-post.htm This is the rule I have in my modsecurity_crs_15_customrules.conf file: # Log POST data to a file SecRule REQUEST_METHOD "^POST$" "phase:2,t:none,noauditlog,log,pass,exec:/usr/local/apache2/bin/logpostvars.sh" The documentation says: "... Some transaction information will be placed in environment variables. All the usual CGI environment variables will be there. ..." so I suspect all I need to do is to know which environment variable stores the POST data and then split it in to key/value pairs and continue. If anyone could help me get over this last hurdle, I would be golden. Thanks! -ken -- -- Have a nice day ... unless you've made other plans. ------------------------------------------------------------------------------ The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com _______________________________________________ mod-security-users mailing list mod-security-users <at> lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/mod-security-users Commercial ModSecurity Appliances, Rule Sets and Support: http://www.modsecurity.org/breach/index.html
RSS Feed