Re: [mod-security-users] Error message when accessing backend https server
Brought to you by:
victorhora,
zimmerletw
From: Ruiyuan J. <Rui...@li...> - 2010-04-23 20:32:00
|
What I did was modifying the file modsecurity_crs_10_config.conf file since nobody responded to me for that. I changed the line: Setvar:tx.warning_anomaly_score=10 to 5 I still get all the messages but it does not block the traffic. Ryan -----Original Message----- From: MPaule Torre [mailto:to...@ob...] Sent: Friday, April 23, 2010 11:52 AM To: Ruiyuan Jiang; mod...@li... Subject: RE: [mod-security-users] Error message when accessing backend https server Hye I have exactly the same problem and I do not find solution nor answer ! Could you help me ? More thanks MPaule ---------------------------------------------------------------------------- -------------------- MPaule TORRE Observatoire Océanologique Base de Données LEFE-CYBER Quai de la Darse, BP 8 06238 VILLEFRANCHE s/Mer France Tel / phone :: 33-4.93.76.38.77 Fax /copy :: 33-4.93.76.37.39 > -----Message d'origine----- > De : Ruiyuan Jiang [mailto:Rui...@li...] > Envoyé : jeudi 18 mars 2010 22:08 > À : mod...@li... > Objet : [mod-security-users] Error message when accessing backend https > server > > Hi, > > I have installed Mod Security v2.5.12 with CRS v2.0.6 and Apache 2.2.15. > When I access the server, I got a message: > > [Thu Mar 18 16:56:58 2010] [error] [client 12.44.50.210] ModSecurity: > Warning. Operator LT matched 20 at TX:inbound_anomaly_score. [file > "/opt/apache2.2.15/conf/modsecurity/base_rules/modsecurity_crs_60_correlat > ion.conf"] [line "31"] [msg "Inbound Anomaly Score (Total Inbound Score: > 10, SQLi=, XSS=): HTTP header is restricted by policy"] [hostname > "x.x.com"] [uri "/"] [unique_id "S6KTmpySAp8AAC-vK68AAAAE"] > > How do I fix that problem? Thanks. > > Ryan > > > > This message (including any attachments) is intended > solely for the specific individual(s) or entity(ies) named > above, and may contain legally privileged and > confidential information. If you are not the intended > recipient, please notify the sender immediately by > replying to this message and then delete it. > Any disclosure, copying, or distribution of this message, > or the taking of any action based on it, by other than the > intended recipient, is strictly prohibited. > > > -------------------------------------------------------------------------- > ---- > Download Intel® Parallel Studio Eval > Try the new software tools for yourself. Speed compiling, find bugs > proactively, and fine-tune applications for parallel performance. > See why Intel Parallel Studio got high marks during beta. > http://p.sf.net/sfu/intel-sw-dev > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Appliances, Rule Sets and Support: > http://www.modsecurity.org/breach/index.html This message (including any attachments) is intended solely for the specific individual(s) or entity(ies) named above, and may contain legally privileged and confidential information. If you are not the intended recipient, please notify the sender immediately by replying to this message and then delete it. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, by other than the intended recipient, is strictly prohibited. |