Site running joomla 3.9
In modsecurity.conf disabled engine to see where the issue is
#SecRuleEngine On
SecRuleEngine Off
Using modsecurity-3.conf-recommended w/o any change except the above and SecDebugLog
Version:
2025/02/03 04:33:09 [notice] 2074355#2074355: ModSecurity-nginx v1.0.3 (rules loaded inline/local/remote: 0/49/0)
2025/02/03 04:33:09 [notice] 2074355#2074355: libmodsecurity3 version 3.0.13
Activated debug log for modsecurity
SecDebugLog /var/log/nginx/modsecurity_debug.log
SecDebugLogLevel 4
Can't see in the log any error or hint of a "block" action
In nginx.conf
. . .
location ~* ^.*{
limit_req zone=speedbump_req burst=20;
limit_conn speedbump_conn 10;
modsecurity on;
modsecurity_rules_file /etc/nginx/modsecurity.conf;
proxy_cache nginx_cache;
. . .
With modsecurity off or commented out
With modsecurity on
nginx build
configure arguments: --build=welcome
--prefix=/usr/share/nginx-1.26.2
--sbin-path=/usr/sbin/nginx-1.26.2
--modules-path=/usr/lib64/nginx-1.26.2/modules
--conf-path=/etc/ng inx-1.26.2/nginx-1.26.2.conf
--error-log-path=/var/log/nginx-1.26.2/error.log
--http-log-path=/var/log/nginx-1.26.2/access.log
--http-client-body-temp-path=/var/lib/nginx- 1.26.2/tmp/client_body
--http-proxy-temp-path=/var/lib/nginx-1.26.2/tmp/proxy
--http-fastcgi-temp-path=/var/lib/nginx-1.26.2/tmp/fastcgi
--http-uwsgi-temp-path=/var/lib/nginx-1.26.2/tmp/uwsgi
--http-scgi-temp-path=/var/lib/nginx-1.26.2/tmp/scgi
--pid-path=/var/run/nginx.pid
--lock-path=/var/lock/subsys/nginx-1.26.2
--user=nginx
--group=nginx
...
--with-stream=dynamic
--with-stream_ssl_module
--with-compat
--add-dynamic-module=/var/www/data/packages/ModSecurity-nginx
modsecurity_debug.log:
modsecurity_debug.log
Site running joomla 3.9
In modsecurity.conf disabled engine to see where the issue is
#SecRuleEngine On
SecRuleEngine Off
Using modsecurity-3.conf-recommended w/o any change except the above and SecDebugLog
Version:
2025/02/03 04:33:09 [notice] 2074355#2074355: ModSecurity-nginx v1.0.3 (rules loaded inline/local/remote: 0/49/0)
2025/02/03 04:33:09 [notice] 2074355#2074355: libmodsecurity3 version 3.0.13
Activated debug log for modsecurity
SecDebugLog /var/log/nginx/modsecurity_debug.log
SecDebugLogLevel 4
Can't see in the log any error or hint of a "block" action
In nginx.conf
. . .
location ~* ^.*{
limit_req zone=speedbump_req burst=20;
limit_conn speedbump_conn 10;
modsecurity on;
modsecurity_rules_file /etc/nginx/modsecurity.conf;
proxy_cache nginx_cache;
. . .
With modsecurity off or commented out
With modsecurity on
nginx build
configure arguments: --build=welcome
--prefix=/usr/share/nginx-1.26.2
--sbin-path=/usr/sbin/nginx-1.26.2
--modules-path=/usr/lib64/nginx-1.26.2/modules
--conf-path=/etc/ng inx-1.26.2/nginx-1.26.2.conf
--error-log-path=/var/log/nginx-1.26.2/error.log
--http-log-path=/var/log/nginx-1.26.2/access.log
--http-client-body-temp-path=/var/lib/nginx- 1.26.2/tmp/client_body
--http-proxy-temp-path=/var/lib/nginx-1.26.2/tmp/proxy
--http-fastcgi-temp-path=/var/lib/nginx-1.26.2/tmp/fastcgi
--http-uwsgi-temp-path=/var/lib/nginx-1.26.2/tmp/uwsgi
--http-scgi-temp-path=/var/lib/nginx-1.26.2/tmp/scgi
--pid-path=/var/run/nginx.pid
--lock-path=/var/lock/subsys/nginx-1.26.2
--user=nginx
--group=nginx
...
--with-stream=dynamic
--with-stream_ssl_module
--with-compat
--add-dynamic-module=/var/www/data/packages/ModSecurity-nginx
modsecurity_debug.log:
modsecurity_debug.log