[Bug 235014] www/mod_security: ModSec not showing module in Apache error log

Wed Jan 16 22:56:59 UTC 2019

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=235014

            Bug ID: 235014
           Summary: www/mod_security: ModSec not showing module in Apache
                    error log
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs at FreeBSD.org
          Reporter: sean.smith at basecommerce.com
                CC: walter at lifeforms.nl
                CC: walter at lifeforms.nl
             Flags: maintainer-feedback?(walter at lifeforms.nl)

There is an issue with Mod Security where it will not properly log the module
name in the error log (ex: /var/log/httpd-error.log). 

As a part of my ErrorLogFormat configuration I have set: [%-m:%l]

%m would show the module in the error log and using %-m will the log show a -
if it wasn't able to return anything.

So as of right now the logs will show like this

[Wed Jan 16 22:51:05 2019] [-:notice] [pid 6923] mod_security2.c(762): [client
ModSecurity for Apache/2.9.2 (http://www.modsecurity.org/) configured.

[-:notice] means that I am unable to filter log levels for the modsec module
using things like 'LogLevel warn security2:crit' since the error log doesn't
know that the security2 module is what is being logged.

A thread having the same issue and the maintainer providing a patch -
https://github.com/SpiderLabs/ModSecurity/pull/840

I believe the actual fix is here
https://github.com/SpiderLabs/ModSecurity/commit/1048fe8e5ea8d3eb7ce7b5c4c670e394bb745e7e

The maintainer does mention in that thread that he did indeed patch it but I am
not sure if this link is the exact patch.

-- 
You are receiving this mail because:
You are the assignee for the bug.