is sanitiseArgs not supported in libmodsecurity3 version 3.0.12

[an1ruddh]

No description provided.

[airween]

Hi @an1ruddh,

sorry for the question, but are you asking this or are you reporting a known issue?

[an1ruddh]

i am actually asking sorry I just checked it's still in TBI

[tiptop-crazy]

Hi @an1ruddh @airween ,

1. Maybe there are other options for solving the problem, dispite sanitise* is not implemented in v3 ? For istance, can I somehow set MATCHED_VAR to ******** if MATCHED_VAR_NAME is password in
   logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}'
   Can I somehow use Lua for it?

2. And If it is possible, how can I apply this to all rules without modifying each one individually ?

[airween]

i am actually asking sorry I just checked it's still in TBI

Right, thanks - feel free to close the issue if you don't have any other question.

[airween]

1. Maybe there are other options for solving the problem, dispite sanitise* is not implemented in v3 ? For istance, can I somehow  set _MATCHED_VAR_ to ******** if _MATCHED_VAR_NAME_ is **password** in
   logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}'
   Can I somehow use Lua for it?

I'm not sure about that. Eg. as I know Lua extension does not support to modify logs (neither the rules)

2. And If it is possible, how can I apply this to all rules without modifying each one individually ?

I'm afraid while it's not possible therefore this question is not relevant.

The solution is to implement these actions.