Add MODSECURITY_SEC_RULE_ENGINE and MODSECURITY_SEC_AUDIT_LOG_PARTS (#292)

* Add MODSECURITY_SEC_RULE_ENGINE and MODSECURITY_SEC_AUDIT_LOG_PARTS Usefull for customizing sites (on/DetectionOnly, Custom logs) * remove settings docs (auto generated) Co-authored-by: Florian Pitance <54334437+fl0ppy-d1sk@users.noreply.github.com>
2022-10-05 14:28:17 +01:00 · 2022-10-05 14:28:17 +01:00 · 873ccad9b2
parent 97bf473e1a
commit 873ccad9b2
3 changed files with 25 additions and 6 deletions
--- a/core/modsecurity/confs/server-http/modsecurity-rules.conf.modsec
+++ b/core/modsecurity/confs/server-http/modsecurity-rules.conf.modsec
@ -1,5 +1,5 @@
 # process rules with disruptive actions
-SecRuleEngine On
+SecRuleEngine {{ MODSECURITY_SEC_RULE_ENGINE }}

 # allow body checks
 SecRequestBodyAccess On
@ -50,6 +50,7 @@ SecResponseBodyLimitAction ProcessPartial

 # log usefull stuff
 SecAuditEngine {{ MODSECURITY_SEC_AUDIT_ENGINE }}
+SecAuditLogParts {{ MODSECURITY_SEC_AUDIT_LOG_PARTS }}
 SecAuditLogType Serial
 SecAuditLog /var/log/nginx/modsec_audit.log

--- a/core/modsecurity/plugin.json
+++ b/core/modsecurity/plugin.json
@ -31,6 +31,24 @@
 			"label": "SecAuditEngine",
 			"regex": "^.*$",
 			"type": "text"
+		},
+		"MODSECURITY_SEC_RULE_ENGINE": {
+			"context": "multisite",
+			"default": "On",
+			"help": "SecRuleEngine directive of ModSecurity.",
+			"id": "modsecurity-sec-rule-engine",
+			"label": "SecRuleEngine",
+			"regex": "^(On|DetectionOnly|Off)$",
+			"type": "text"
+		},
+		"MODSECURITY_SEC_AUDIT_LOG_PARTS": {
+			"context": "multisite",
+			"default": "ABCFHZ",
+			"help": "SecAuditLogParts directive of ModSecurity.",
+			"id": "modsecurity-sec-audit-log-parts",
+			"label": "SecAuditLogParts",
+			"regex": "^([A-Z]*)$",
+			"type": "text"
 		}
 	}
 }
--- a/docs/settings.md
+++ b/docs/settings.md
@ -228,11 +228,11 @@ When settings are considered as "multiple", it means that you can have multiple

 ### ModSecurity

-|           Setting            |   Default    | Context |Multiple|              Description               |
-|------------------------------|--------------|---------|--------|----------------------------------------|
-|`USE_MODSECURITY`             |`yes`         |multisite|no      |Enable ModSecurity WAF.                 |
-|`USE_MODSECURITY_CRS`         |`yes`         |multisite|no      |Enable OWASP Core Rule Set.             |
-|`MODSECURITY_SEC_AUDIT_ENGINE`|`RelevantOnly`|multisite|no      |SecAuditEngine directive of ModSecurity.|
+| Setting                           | Default        | Context |Multiple| Description                                      |
+|-----------------------------------|----------------|---------|--------|--------------------------------------------------|
+| `USE_MODSECURITY`                 | `yes`          |multisite|no      | Enable ModSecurity WAF.                          |
+| `USE_MODSECURITY_CRS`             | `yes`          |multisite|no      | Enable OWASP Core Rule Set.                      |
+| `MODSECURITY_SEC_AUDIT_ENGINE`    | `RelevantOnly` |multisite|no      | SecAuditEngine directive of ModSecurity.         |

 ### PHP