Re: [mod-security-users] modsecurity iis statuscode always 500

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Sorry, this is a known issue with ModSecurity for IIS:
https://github.com/SpiderLabs/ModSecurity/issues/601

I suggest that you follow up your experience on the issue and we'll see if
anyone from the community can help with this one.

Cheers

On Tue, Sep 11, 2018 at 1:56 AM 곽민 <mi...@gm...> wrote:

> I was install modsecurity 2.9.2  in windows server 2016 / iis 10
>
> Core rule set version is 2.2.9
>
> When i tested in php page, modsecurity successfully block matched rule
> traffic,
>
> but log is always 500(internal server error)(Regardless of pass or block)
>
> I think modsecurity can't get status code because status code in audit log
> always '0'
> example log : WIN-EU34NTQNDKV 192.168.1.6 - - [11/Sep/2018:12:20:44 +0900]
> "GET /dvwa/vulnerabilities/sqli/ HTTP/1.1" 0 0 "-" "-" 17798225733810651262
> "-" /20180911/20180911-1220/20180911-122044-17798225733810651262 0 1019
> md5:749962ae19cfa1b79a228f97305c2b3c
>
> so i add SecstreamInBodyInspection On and SecRequestBodyAccess On
>
> and also disable dynamic content and static content compression
>
> But status code 500,
>
> How to fix that?
>
> thanks~
> _______________________________________________
> mod-security-users mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-users
> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
> http://www.modsecurity.org/projects/commercial/rules/
> http://www.modsecurity.org/projects/commercial/support/
>

-- 
-
Victor Ribeiro Hora