Modsecurity on my Nginx reverse proxy server gives 500 errors when I try to log in or click on a button.
I see nothing in the nginx error log, nor in the modsecurity audit log. In the access log I see that the problem occurs after a POST command.

This goes well:

82.161.137.226 - - [22/Oct/2013:15:37:55 +0200] "GET /proefwerk/prog/images/rightArrow.gif HTTP/1.1" 304 0 "http://test.huygenscollege.nl/proefwerk/prog/index.php" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"

But with the following (after clicking a button in the web page) Nginx gives a 500 error:

82.161.137.226 - - [22/Oct/2013:15:38:03 +0200] "POST /proefwerk/prog/index.php?day=21&month=10&year=2013&klas=1 HTTP/1.1" 500 594 "http://test.huygenscollege.nl/proefwerk/prog/index.php" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"

The problem occurs with many proxypassed sites, mostly when I try to log in.

This is my configuration.

server {
        listen       80;
        server_name  test.huygenscollege.nl;
        location / {
         ModSecurityEnabled on;
         ModSecurityConfig modsecurity.conf;
        proxy_pass         http://88.159.13.153/;
        proxy_read_timeout 150s;
        }
}

After changing ModSecurityEnabled on to off, the problem is gone.

Any help will be appreciated.

Piet Pijnacker,
Eindhoven, Netherlands