From 249af3466590eea20810a36ec9a8e3b0ffb5d255 Mon Sep 17 00:00:00 2001 From: Ervin Hegedus Date: Sun, 27 Apr 2025 10:08:23 +0200 Subject: [PATCH 1/2] feat: set correct hostname in log produced by Nginx --- src/ngx_http_modsecurity_rewrite.c | 38 ++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/src/ngx_http_modsecurity_rewrite.c b/src/ngx_http_modsecurity_rewrite.c index eaff1cc..5cc05de 100644 --- a/src/ngx_http_modsecurity_rewrite.c +++ b/src/ngx_http_modsecurity_rewrite.c @@ -86,6 +86,44 @@ ngx_http_modsecurity_rewrite_handler(ngx_http_request_t *r) return NGX_HTTP_INTERNAL_SERVER_ERROR; } +#if defined(MODSECURITY_CHECK_VERSION) +#if MODSECURITY_VERSION_NUM >= 30130100 + ngx_str_t hostname; + // first check if Nginx received a Host header and it's usable + // (i.e. not empty) + // if yes, we can use that + if (r->headers_in.server.len > 0) { + hostname.len = r->headers_in.server.len; + hostname.data = r->headers_in.server.data; + } + else { + // otherwise we try to use the server config, namely the + // server_name $SERVER_NAME + // directive + // for eg. in default config, server_name is "_" + // possible all requests without a Host header will be + // handled by this server block + ngx_http_core_srv_conf_t *cscf; + cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module); + if (cscf->server_name.len > 0) { + hostname.len = cscf->server_name.len; + hostname.data = cscf->server_name.data; + } + } + if (hostname.len > 0) { + const char *host_name = ngx_str_to_char(hostname, r->pool); + if (host_name == (char*)-1 || host_name == NULL) { + return NGX_HTTP_INTERNAL_SERVER_ERROR; + } + else { + // set the hostname in the transaction + // this function is only available in ModSecurity 3.0.13 and later + msc_set_request_hostname(ctx->modsec_transaction, (const unsigned char *)host_name); + } + } +#endif +#endif + ngx_str_t s; u_char addr[NGX_SOCKADDR_STRLEN]; s.len = NGX_SOCKADDR_STRLEN; From 2171ec5397de7fe3d9ea9f7c9a6f25b01f03cda8 Mon Sep 17 00:00:00 2001 From: Ervin Hegedus Date: Sun, 27 Apr 2025 11:06:12 +0200 Subject: [PATCH 2/2] Initialize hostname length --- src/ngx_http_modsecurity_rewrite.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/ngx_http_modsecurity_rewrite.c b/src/ngx_http_modsecurity_rewrite.c index 5cc05de..ebc4742 100644 --- a/src/ngx_http_modsecurity_rewrite.c +++ b/src/ngx_http_modsecurity_rewrite.c @@ -89,6 +89,7 @@ ngx_http_modsecurity_rewrite_handler(ngx_http_request_t *r) #if defined(MODSECURITY_CHECK_VERSION) #if MODSECURITY_VERSION_NUM >= 30130100 ngx_str_t hostname; + hostname.len = 0; // first check if Nginx received a Host header and it's usable // (i.e. not empty) // if yes, we can use that