Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add interface in libModSecurity for reopening log files #1968

Open
victorhora opened this issue Nov 28, 2018 · 3 comments · May be fixed by #2304
Open

Add interface in libModSecurity for reopening log files #1968

victorhora opened this issue Nov 28, 2018 · 3 comments · May be fixed by #2304
Assignees
Labels
3.x Related to ModSecurity version 3.x new feature This is a new feature RIP - libmodsecurity RIP - Type - Feature
Milestone

Comments

@victorhora
Copy link
Contributor

This is related with feature request owasp-modsecurity/ModSecurity-nginx#121

Modsecurity should reopen audit log on these two signals for proper logrotate operation.

As noted at owasp-modsecurity/ModSecurity-nginx#121 (comment), we could leverage a similar approach as described at https://forum.nginx.org/read.php?29,247488,247500#msg-247500 (i.e. use standard nginx API to open some stub-file with ngx_conf_open_file(), add required handler, and use it for detecting USR1 and HUP signals from master process)

But it seems like libModSecurity currently does not have a nice interface to initiate audit/debug log files reopening by connector's request.

There's a PoC on how we could accomplish that on the connector at owasp-modsecurity/ModSecurity-nginx#121 (comment) as a starting point.

@remort
Copy link

remort commented Oct 4, 2022

Any news up on that?

@baptiste-fourmont
Copy link

Any news?

@airween
Copy link
Member

airween commented Dec 3, 2024

Hi @baptiste-fourmont,

Any news?

Unfortunately not. If you have any idea how can we solve this, feel free to open a PR. But I try to keep this on the table...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
3.x Related to ModSecurity version 3.x new feature This is a new feature RIP - libmodsecurity RIP - Type - Feature
Projects
None yet
Development

Successfully merging a pull request may close this issue.

5 participants