Re: [mod-security-users] Module blocking access to backend https server from Apache reverse proxy
Brought to you by:
victorhora,
zimmerletw
From: Ruiyuan J. <Rui...@li...> - 2009-12-14 19:51:01
|
Why though? I just try to access my backend https server? To me, it is false positive. Once I remove those two configuration files from the base rules directory, I can access my backend https server no problem. I am not sure whether I should leave that way. Ryan ________________________________ From: Junyong Jiang [mailto:dre...@gm...] Sent: Friday, December 11, 2009 2:00 AM To: Ruiyuan Jiang Cc: mod...@li... Subject: Re: [mod-security-users] Module blocking access to backend https server from Apache reverse proxy It is obviously that your request is forbidden by the modsecurity rules. the Anomaly Score (score 28) that exceeds 20, so it is not allowed your request to the backend server. 2009/12/11 Ruiyuan Jiang <Rui...@li...<mailto:Rui...@li...>> Hi, all I am new to the module. I installed the module as an Apache v2.2.14's module. I downloaded the latest rules for Apache reverse proxy. I started Apache no problem afterwards. I accessed a backend http server and it was fine no problem. I then tried to access a backend https server (Apache's SSL will encrypt and decrypt the packets and then encrypt and forward the packets to backend https server. >From the IE8 brower, the message is http 403 (forbidden). On the Apache reverse proxy server, the modsec_debug.log shows as: Detects specific directory and path traversal In mod_security.log, it show similar messages. For the test, I accessed backend Microsoft Exchange 2007 server which uses https. I attach the logs on my Apache server. Thanks in advance. Ryan This message (including any attachments) is intended solely for the specific individual(s) or entity(ies) named above, and may contain legally privileged and confidential information. If you are not the intended recipient, please notify the sender immediately by replying to this message and then delete it. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, by other than the intended recipient, is strictly prohibited. ------------------------------------------------------------------------------ Return on Information: Google Enterprise Search pays you back Get the facts. http://p.sf.net/sfu/google-dev2dev _______________________________________________ mod-security-users mailing list mod...@li...<mailto:mod...@li...> https://lists.sourceforge.net/lists/listinfo/mod-security-users Commercial ModSecurity Appliances, Rule Sets and Support: http://www.modsecurity.org/breach/index.html This message (including any attachments) is intended solely for the specific individual(s) or entity(ies) named above, and may contain legally privileged and confidential information. If you are not the intended recipient, please notify the sender immediately by replying to this message and then delete it. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, by other than the intended recipient, is strictly prohibited. |