[mod-security-users] mod sec 2 only able to turn off rules for a location in vhost conf and audit l
Brought to you by:
victorhora,
zimmerletw
From: Dan R. <sp...@el...> - 2006-11-28 04:36:35
|
Ok it seems the only rule that works for a location in vhost configs is to turn off rules by id, this is going to take alot of messing around with as there is obviouslly hundreds of rules and id's. I am still noticing 404's being logged into the audit log which has nothing to do with trapping urls, i was trying to trap one of the rules but got a 404 instead doesnt seem like its running. --0efc837a-A-- [28/Nov/2006:15:26:05 +1100] DHk6Q8CoAGcAAQ9PBRwAAAAA --0efc837a-B-- GET /directory.php HTTP/1.0 Accept: */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/418.9 (KHTML, like Gecko) Safari/419.3 Host: X-Forwarded-For: Cache-Control: max-age=259200 Connection: keep-alive --0efc837a-F-- HTTP/1.1 404 Not Found Content-Length: 298 Keep-Alive: timeout=15, max=98 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 --0efc837a-H-- Apache-Error: [file "/usr/home/danielr/php-4.4.4/sapi/apache2handler/sapi_apache2.c"] [line 282] [level 3] script '/www/directory.php' not found or unable to stat Stopwatch:(579 21364 -) Producer: ModSecurity v2.0.3 (Apache 2.x) Server: Apache/2.0.59 (FreeBSD) PHP/4.4.4 DAV/2 hiperf_auth_mysql_module/1.0.3 --0efc837a-Z-- |