Re: [mod-security-users] Error message when accessing backend https server
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Error message when accessing backend https server
|
From: Ruiyuan J. <Rui...@li...> - 2010-04-23 20:32:00
|
What I did was modifying the file modsecurity_crs_10_config.conf file since nobody responded to me for that. I changed the line:
Setvar:tx.warning_anomaly_score=10 to 5
I still get all the messages but it does not block the traffic.
Ryan
-----Original Message-----
From: MPaule Torre [mailto:to...@ob...]
Sent: Friday, April 23, 2010 11:52 AM
To: Ruiyuan Jiang; mod...@li...
Subject: RE: [mod-security-users] Error message when accessing backend https server
Hye
I have exactly the same problem and I do not find solution nor answer !
Could you help me ?
More thanks
MPaule
----------------------------------------------------------------------------
--------------------
MPaule TORRE
Observatoire Océanologique
Base de Données LEFE-CYBER
Quai de la Darse, BP 8
06238 VILLEFRANCHE s/Mer
France
Tel / phone :: 33-4.93.76.38.77
Fax /copy :: 33-4.93.76.37.39
> -----Message d'origine-----
> De : Ruiyuan Jiang [mailto:Rui...@li...]
> Envoyé : jeudi 18 mars 2010 22:08
> À : mod...@li...
> Objet : [mod-security-users] Error message when accessing backend https
> server
>
> Hi,
>
> I have installed Mod Security v2.5.12 with CRS v2.0.6 and Apache 2.2.15.
> When I access the server, I got a message:
>
> [Thu Mar 18 16:56:58 2010] [error] [client 12.44.50.210] ModSecurity:
> Warning. Operator LT matched 20 at TX:inbound_anomaly_score. [file
> "/opt/apache2.2.15/conf/modsecurity/base_rules/modsecurity_crs_60_correlat
> ion.conf"] [line "31"] [msg "Inbound Anomaly Score (Total Inbound Score:
> 10, SQLi=, XSS=): HTTP header is restricted by policy"] [hostname
> "x.x.com"] [uri "/"] [unique_id "S6KTmpySAp8AAC-vK68AAAAE"]
>
> How do I fix that problem? Thanks.
>
> Ryan
>
>
>
> This message (including any attachments) is intended
> solely for the specific individual(s) or entity(ies) named
> above, and may contain legally privileged and
> confidential information. If you are not the intended
> recipient, please notify the sender immediately by
> replying to this message and then delete it.
> Any disclosure, copying, or distribution of this message,
> or the taking of any action based on it, by other than the
> intended recipient, is strictly prohibited.
>
>
> --------------------------------------------------------------------------
> ----
> Download Intel® Parallel Studio Eval
> Try the new software tools for yourself. Speed compiling, find bugs
> proactively, and fine-tune applications for parallel performance.
> See why Intel Parallel Studio got high marks during beta.
> http://p.sf.net/sfu/intel-sw-dev
> _______________________________________________
> mod-security-users mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-users
> Commercial ModSecurity Appliances, Rule Sets and Support:
> http://www.modsecurity.org/breach/index.html
This message (including any attachments) is intended
solely for the specific individual(s) or entity(ies) named
above, and may contain legally privileged and
confidential information. If you are not the intended
recipient, please notify the sender immediately by
replying to this message and then delete it.
Any disclosure, copying, or distribution of this message,
or the taking of any action based on it, by other than the
intended recipient, is strictly prohibited.
|