Lua content by file based on nginx response status and map mod security rule id variable to the response
Georgi Georgiev
Hello,
I have mod security compiled in nginx and I need when user is blocked by some modest rule ID, this ID to be presented in the error_page that return the 403 response code of nginx. After a big research I found that Lua is the best way to do this because it has access to the mod security variables, although I didn't found example scripts, neither one that I can get the logic and I am not a programmer so I face a differents writing it and I would like to ask you for help. Can you please point me an example that can do that in nginx (I think that this wouldn't be more that 10 lines of code - get the mod security rule ID and parse it to the error response page with some variable).
Thank you in advance. Btw, the nginx way it works in my implementation is proxy pass form 80 to port 8080 and I know that content_by_lua not work with proxy pass, but I just want to check if the response is 403 before proxy pass and if it's to check the rule id and print it to a page.
Here is an example that I think it should looks like (but as I said I don't understand it and may be wrong)
default_type text/html;
1.Check the response status here with something like this:
ngx.status = ngx.HTTP_CREATED status = ngx.status
2. If the status is 403 (some if condition) check the RULE variable (I am not sure how exactly Lua will access it) and map it to variablecontent_by_lua '
ngx.say("<p>403 forbidden by rule XXXX (the mapped variable) </p>")
';
Georgi Georgiev
default_type text/html;
content_by_lua '
ngx.status = ngx.HTTP_CREATED
status = ngx.status
if ngx.status == 201 then
ngx.print (ngx.status) end
if ngx.status == 403 then
ngx.say("<p>403 forbidden by rule XXXX</p>") end