response page based on mod security rule in error logs?

Posted by intelbg 
response page based on mod security rule in error logs?
June 19, 2017 08:44AM
Hi, I would like to accomplish the following.

ModSecurity is enabled in NginX, and when some false positive is hit and some rule blocks a page, I want the response page to be shown with the error code from the modsec rule. For example: you have been blocked by mod security rule "XXX", where the rule is taken from the logs. I think this can eventually be accomplished using if and a map variable in the nginx configuration plus some dynamic error page, but I am not sure at all. Can anyone share their expert advice or experience?

Thank you in advance!
Re: response page based on mod security rule in error logs?
June 28, 2017 02:36AM
I think that as a workaround the x-requested-id header can be used. I have enabled request_id headers in nginx (which works as a reverse proxy) in the following way:

In nginx.conf my log format includes $request_id as follows:

log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                '$status $body_bytes_sent $request_id "$http_referer" '
                '"$http_user_agent" "$http_x_forwarded_for"';


In the ghost configs I have headers like the following:
location / {
    ...
    add_header X-Request-Id $request_id;
    proxy_set_header X-Request-Id $request_id;
}

I would like to accomplish the following.

1. In all logs and for all requests (access, error, mod security audit logs) the request_id should be logged (as it should be, but currently this does not work).
2. When I open the site, X-Request-ID should be set in the request headers, not only in the response headers. Currently I have the x-request-id header only in the response headers.
3. When I have been blocked by some mod security rule with status 403, the headers should be present and the id should be logged in the logs too. Currently on a 403 response I don't have the header in either the request headers or the response headers (only on a normal query).

Can you please explain to me where I am wrong? Thank you in advance.
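
An added configuration example, not part of either post above, showing one way to carry the same request ID through the access log, the ModSecurity logs, the response headers and the 403 page. It assumes the ModSecurity v3 nginx connector (for the modsecurity_transaction_id directive); the server name, rules file path and backend address are placeholders.

```nginx
# Added example; server_name, file paths and the backend address are placeholders.
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                '$status $body_bytes_sent $request_id "$http_referer" '
                '"$http_user_agent" "$http_x_forwarded_for"';

server {
    listen 80;
    server_name example.test;                              # placeholder
    access_log /var/log/nginx/access.log main;

    modsecurity on;
    modsecurity_rules_file /etc/nginx/modsec/main.conf;    # placeholder path

    # Assumption: ModSecurity v3 nginx connector. Use nginx's $request_id as
    # the ModSecurity transaction ID, so ModSecurity's log entries carry the
    # same ID that the access log records.
    modsecurity_transaction_id "$request_id";

    # Without "always", add_header is applied only to 200, 201, 204, 206,
    # 301, 302, 303, 304, 307 and 308 responses, so a 403 lacks the header.
    add_header X-Request-Id $request_id always;

    # Serve blocked requests a page that shows the reference ID.
    error_page 403 @blocked;

    location / {
        # Added to the request nginx sends to the backend. It is not part of
        # the browser's own request, so browser tools will not list it there.
        proxy_set_header X-Request-Id $request_id;
        proxy_pass http://127.0.0.1:8080;                  # placeholder backend
    }

    location @blocked {
        modsecurity off;    # do not run the rules again on the internal redirect
        default_type text/plain;
        return 403 "Request blocked. Reference ID: $request_id\n";
    }
}
```

The ID shown on the 403 page can then be searched for in the access log and the ModSecurity audit log to find the rule that matched, without exposing rule details to the client.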