ModSecurity - View actual SQL Injected
Is there anywhere where I can view the actual SQL that was attempted to be injected when ModSecurity detects an SQL Injection?
When I look at ModSecurity Tools in WHM it doesn't show this information and I suspect that many of the events are false positives. But to be sure I need to see the string that violated the ModSecurity rule.
-
Hey there! Does this not show up in the Apache or Nginx access log? The ModSecurity logs likely wouldn't record this, but the specific access to Apache may have it in those logs. Do you see it in that log file on the system?
0 -
Thanks I'll have a look in the Apache log
0
Please sign in to leave a comment.
Comments
2 comments