[mod-security-users] problem with
Brought to you by:
victorhora,
zimmerletw
From: diego s. <die...@gm...> - 2011-11-16 20:20:35
|
Hi; I have a problem where several cases have already searched the forum rule "960015", this alert is only active with google chrome, just enter a website, it is a failure or is the ModSecurity web browser and that I do in this case, disable it for now but may place at risk the site. alert logs: [Wed Nov 16 20:38:41 2011] [error] [client ] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "//base_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "47"] [id "960015"] [rev "2.2.1"] [msg "Request Missing an Accept Header"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "xxxxxx"] [uri "/index.php/component/search/"] [unique_id "TsQRQX8AAAEAACgZTa4AAAAD"] content rule: base_rules/modsecurity_crs_21_protocol_anomalies.conf:47: "skipAfter:END_ACCEPT_CHECK,chain,phase:2,rev:'2.2.1',t:none,block,msg:'Request Missing an Accept Header', severity:'2',id:'960015',tag:'PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT',tag:'WASCTC/WASC-21',tag:'OWASP_TOP_10/A7',tag:'PCI/6.5.10'" -- Diego Subero |