add a response header in MS3 to transfer timing information

9 views
Skip to first unread message

Mike Melo

unread,
Apr 17, 2020, 6:29:25 AM4/17/20
to ModSecurity Core Rule Set project
I'm attempting to apply the useful information in Christian's article https://www.netnea.com/cms/apache-tutorial-6_embedding-modsecurity/ to MSv3.0.4 running on NGINX using connector v1.0.   

Specifically I'm wondering if anyone has managed to add a response header in MS3 to transfer timing information back to NGINX similar to how HEADER directive works for Apache.

Thanks for any information!

Christian Folini

unread,
Apr 17, 2020, 6:49:07 AM4/17/20
to Mike Melo, ModSecurity Core Rule Set project
Hey Mike,
I do not think NGINX allows you to do that. It's much more limited in many
aspects (it trades features for raw performance).

But if you do find out, then please let me know.

Cheers,

Christian

>
> Thanks for any information!
>
> --
> You received this message because you are subscribed to the Google Groups "ModSecurity Core Rule Set project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to modsecurity-core-rule-...@owasp.org.
> To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/modsecurity-core-rule-set-project/417c8a4c-4ca0-4316-a177-2d89ec95afb8%40owasp.org.

Mike Melo

unread,
Apr 17, 2020, 7:47:25 AM4/17/20
to ModSecurity Core Rule Set project, m.m...@yottaa.com, christia...@netnea.com
thanks Christian, will keep you posted.


On Friday, April 17, 2020 at 6:49:07 AM UTC-4, Christian Folini wrote:
Hey Mike,

On Fri, Apr 17, 2020 at 03:29:25AM -0700, Mike Melo wrote:
> I'm attempting to apply the useful information in Christian's article
> https://www.netnea.com/cms/apache-tutorial-6_embedding-modsecurity/ to
> MSv3.0.4 running on NGINX using connector v1.0.  
>
> Specifically I'm wondering if anyone has managed to add a response header
> in MS3 to transfer timing information back to NGINX similar to how HEADER
> directive works for Apache.

I do not think NGINX allows you to do that. It's much more limited in many
aspects (it trades features for raw performance).

But if you do find out, then please let me know.

Cheers,

Christian

>
> Thanks for any information!
>
> --
> You received this message because you are subscribed to the Google Groups "ModSecurity Core Rule Set project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to modsecurity-core-rule-set-project+u...@owasp.org.
Reply all
Reply to author
Forward
0 new messages