0

I'm using Modsecurity 3.0.9 with Nginx version: nginx/1.23.4 I created custom rule which executes Lua (Lua5.3) script as the following:

SecRuleScript "/path/to/lua/script.lua" "id:1,phase:3,deny"

/path/to/lua/script.lua content: local headers = m.getvars("REQUEST_HEADERS")

Curl error: curl: (52) Empty reply from server

/var/log/nginx/error.log: 2023/05/06 22:24:47 [alert] 80626#80626: worker process 80628 exited on signal 6 (core dumped) terminate called after throwing an instance of 'std::invalid_argument' what(): Variable not found. 2023/05/06 22:44:32 [alert] 80626#80626: worker process 80627 exited on signal 6 (core dumped)

What might be the reason for the REQUEST_HEADERS not to recognized?

Thank you!

Tried to change Phases with no success - phase 1, phase 2 and phase 3.

While retrieving all REQUEST_HEADERS is not working, specifying certain Header is working, for example: local user_agent= m.getvars("REQUEST_HEADERS:User-Agent")

Udi Aharon
  • 13
  • 3
  • 1
    Seems like this is a libmodsecurity3 issue. Perhaps your config would work with mod_security2 and Apache. I tried to follow the official documentation, and the given example also does not work. I created an issue about this - see https://github.com/SpiderLabs/ModSecurity/issues/2900. – airween May 14 '23 at 08:28
  • This was a bug, which is fixed in libmodsecurity3 3.0.10: https://github.com/SpiderLabs/ModSecurity/releases/tag/v3.0.10 – airween Jul 31 '23 at 19:54

0 Answers0