Hello,
I have mod security compiled in nginx and I need when user is blocked by some modest rule ID, this ID to be presented in the error_page that return the 403 response code of nginx. After a big research I found that Lua is the best way to do this because it has access to the mod security variables, although I didn't found example scripts, neither one that I can get the logic and I am not a programmer so I face a differents writing it and I would like to ask you for help. Can you please point me an example that can do that in nginx (I think that this wouldn't be more that 10 lines of code - get the mod security rule ID and parse it to the error response page with some variable).
Thank you in advance. Btw, the nginx way it works in my implementation is proxy pass form 80 to port 8080 and I know that content_by_lua not work with proxy pass, but I just want to check if the response is 403 before proxy pass and if it's to check the rule id and print it to a page.
Here is an example that I think it should looks like (but as I said I don't understand it and may be wrong)
default_type text/html;
1.Check the response status here with something like this:
ngx.status = ngx.HTTP_CREATED
status = ngx.status
2. If the status is 403 (some if condition) check the RULE variable (I am not sure how exactly Lua will access it) and map it to variable
content_by_lua '
ngx.say("<p>403 forbidden by rule XXXX (the mapped variable) </p>")
';
Can you please help me with that? Can you please give me example code?