-
Notifications
You must be signed in to change notification settings - Fork 1.7k
Description
This is related with feature request owasp-modsecurity/ModSecurity-nginx#121
Modsecurity should reopen audit log on these two signals for proper logrotate operation.
As noted at owasp-modsecurity/ModSecurity-nginx#121 (comment), we could leverage a similar approach as described at https://forum.nginx.org/read.php?29,247488,247500#msg-247500 (i.e. use standard nginx API to open some stub-file with ngx_conf_open_file(), add required handler, and use it for detecting USR1 and HUP signals from master process)
But it seems like libModSecurity currently does not have a nice interface to initiate audit/debug log files reopening by connector's request.
There's a PoC on how we could accomplish that on the connector at owasp-modsecurity/ModSecurity-nginx#121 (comment) as a starting point.
Activity
remort commentedon Oct 4, 2022
Any news up on that?
baptiste-fourmont commentedon Dec 3, 2024
Any news?
airween commentedon Dec 3, 2024
Hi @baptiste-fourmont,
Unfortunately not. If you have any idea how can we solve this, feel free to open a PR. But I try to keep this on the table...