[Mod-security-developers] modsecurity iis always return 500 status code
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[Mod-security-developers] modsecurity iis always return 500 status code
|
From: 곽민 <mi...@gm...> - 2018-09-11 04:31:04
|
I was install modsecurity 2.9.2 in windows server 2016 / iis 10 Core rule set version is 2.2.9 When i tested in php page, modsecurity successfully block matched rule traffic, but log is always 500(internal server error)(Regardless of pass or block) I think modsecurity can't get status code because status code in audit log always '0' example log : WIN-EU34NTQNDKV 192.168.1.6 - - [11/Sep/2018:12:20:44 +0900] "GET /dvwa/vulnerabilities/sqli/ HTTP/1.1" 0 0 "-" "-" 17798225733810651262 "-" /20180911/20180911-1220/20180911-122044-17798225733810651262 0 1019 md5:749962ae19cfa1b79a228f97305c2b3c so i add SecstreamInBodyInspection On and SecRequestBodyAccess On and also disable dynamic content and static content compression But status code 500, How to fix that? thanks~ |
