Is it possible to encrypt nginx log files? If so, would the logrotate saving time the best time to do so?

The background for this is that the client is concerning about security issues that can happen having some user (login id) saved on access logs when a third party service send something through webhook apis.

I was not able to find this specific answer, and I'm wondering if it is not a popular (or correct) measure to prevent user info leaks. Am I missing something?


Solution 1:

You can send access_log through syslog or a named pipe (man mkfifo) and then encrypt the logs but normally you just don't log anything sensitive and you don't send anything sensitive in such a way that it can be logged.

If you feel that "login id" is sensitive information then don't send it as a part of a URL as the URL can be logged anywhere - the sender system, an intermediate proxy or firewall, load balancers etc.

Solution 2:

I would re-think your risk and threat scenario's before your decide on "encryption is the solution".

Because in general access to system logs requires administrator level access and privileges and those that already have such level of privilege can usually also already directly access the user/application data regardless of what info about them ends up in the logs.

But if certain information is indeed too sensitive to keep in clear text log files, IMHO you should sanitise what you log, rather than continue logging it. Consider creating a custom log_format (where you for instance log the $uri rather than the $request ) and use that for your webhook API's to prevent logging of GET parameters.