Is there any way to set a secrule in modsecurity to filter (nolog) if the POST body length is smaller than 10 bytes?
I am logging all POST requests, just want to filter unwanted logs.
Asked
Active
Viewed 158 times
0
-
Can you try putting: SecRule REQUEST_BODY_LENGTH "@lt 10" "id:12345,phase:1,nolog,ctl:requestBodyAccess=off". Check https://stackoverflow.com/questions/38257534/mod-security-a-rule-to-allow-post-requests-without-a-request-body , I modified the first answer and gave it to you as I do not have apache setup reasy with me. You might have to tune the value. – Priya Jain Jan 31 '18 at 11:35
-
confirmed that the value after @lt 10 mens less than 10 bytes only. – Priya Jain Jan 31 '18 at 11:46