How to hide sensitive POST data in NGINX log

Posted on September 18, 2016 by Yury Sergeev


How to hide sensitive POST data in NGINX log

NGINX is an extremely popular web server that can handle high volumes of web traffic. Each client connection might be logged and you can control which information to store. Sometimes, it is essential not only to save remote IP address, user agent or status but also store a body of requests, especially POST requests. For instance, POST data can be really useful to be analysed if you want to ensure that your server is secured enough because the most of the attacks are sent by this type of HTTP requests. However, some POST headers may contain sensitive data such as passwords and therefore it is essential to have a making method.


Tags: nginx logging masking POST


Web Server Log Analysis

Posted on May 28, 2016 by Yury Sergeev


Web Server Log Analysis

If you have a web app running on a web server, you know that it is so helpful to analyse the access and error logs to get information about how it is functioning. Systems administrators use different tools to analyse HTTP statistics, but not all of them provide enough information. For instance, Google Analytics can't provide client IP addresses which might be really useful to have then you want to investigate what was going on. By looking into a website access log it is possible to extract client IP addresses and analyse their reputation. Therefore, it is essential to use special instruments for log analysis. As an illustration, RST Cloud shows which malicious sources that had repeatedly attacked other websites contacted your web server.


Tags: apache iis nginx machine learning log analysis anomalies security