Here's the output from the uwsgi logs.  At first it looks like a problem with uwsgi, but it only happens with modsecurity in place.  I looked at the request coming in, and the headers aren't getting passed through for some reason.  I'm using the recommended .conf file from the source package, which has SecRuleEngine set to DetectionOnly.


4 uwsgi: Traceback (most recent call last):
4 uwsgi:  File "/local/lib/python2.7/site-packages/raven/utils/serializer/manager.py", line 69, in transform
4 uwsgi:    return self.transform(repr(value))
4 uwsgi:  File "/local/lib/python2.7/site-packages/django/core/handlers/wsgi.py", line 167, in __repr__
4 uwsgi:    if self._post_parse_error:
4 uwsgi: AttributeError: 'WSGIRequest' object has no attribute '_post_parse_error'
4 uwsgi: Traceback (most recent call last):
4 uwsgi:  File "/local/lib/python2.7/site-packages/raven/middleware.py", line 27, in __call__
4 uwsgi:    iterable = self.application(environ, start_response)
4 uwsgi:  File "/local/lib/python2.7/site-packages/django/core/handlers/wsgi.py", line 262, in __call__
4 uwsgi:    request = self.request_class(environ)
4 uwsgi:  File "/local/lib/python2.7/site-packages/django/core/handlers/wsgi.py", line 136, in __init__
4 uwsgi:    self.method = environ['REQUEST_METHOD'].upper()
4 uwsgi: KeyError: 'REQUEST_METHOD'

On Wed, Oct 31, 2012 at 8:47 AM, Alan Silva <alansilva@acm.org> wrote:
Nice question!!!

You have log of this? Please sent us!!!

Thanks,

Regards,

Alan


We're looking into ModSecurity and the subscription rules service for our servers, but I'm running into a bit of a problem.  We're using nginx as a frontend for a Django application via uwsgi.  With ModSecurity enabled, every request generates the following error: 'WSGIRequest' object has no attribute '_post_parse_error'.  I've been unable to find any documentation, or mention of uwsgi in the mailing list archives.  I feel like I have to be missing something obvious at this point.  Has anyone had any luck getting modsecurity to play nice with uwsgi?
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
_______________________________________________
mod-security-developers mailing list
ModSecurity Services from Trustwave's SpiderLabs:


------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_sfd2d_oct
_______________________________________________
mod-security-developers mailing list
mod-security-developers@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-developers
ModSecurity Services from Trustwave's SpiderLabs:
https://www.trustwave.com/spiderLabs.php