[Mod-security-rules] Nginx-Modsecurity proxypass 500 error with POST
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[Mod-security-rules] Nginx-Modsecurity proxypass 500 error with POST
|
From: Dhr. P.A. P. <pi...@hu...> - 2013-10-22 14:24:23
|
Modsecurity on my Nginx reverse proxy server gives 500 errors when I try to log in or click on a button. I see nothing in the nginx error log, nor in the modsecurity audit log. In the access log I see that the problem occurs after a POST command. This goes well: 82.161.137.226 - - [22/Oct/2013:15:37:55 +0200] "GET /proefwerk/prog/images/rightArrow.gif HTTP/1.1" 304 0 " http://test.huygenscollege.nl/proefwerk/prog/index.php" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" But with the following (after clicking a button in the web page) Nginx gives a 500 error: 82.161.137.226 - - [22/Oct/2013:15:38:03 +0200] "POST /proefwerk/prog/index.php?day=21&month=10&year=2013&klas=1 HTTP/1.1" 500 594 "http://test.huygenscollege.nl/proefwerk/prog/index.php" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" The problem occurs with many proxypassed sites, mostly when I try to log in. This is my configuration. server { listen 80; server_name test.huygenscollege.nl; location / { ModSecurityEnabled on; ModSecurityConfig modsecurity.conf; proxy_pass http://88.159.13.153/; proxy_read_timeout 150s; } } After changing ModSecurityEnabled on to off, the problem is gone. Any help will be appreciated. Piet Pijnacker, Eindhoven, Netherlands |
