Re: [mod-security-users] http-version
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] http-version
|
From: Ivan R. <iv...@we...> - 2005-02-02 15:58:11
|
Tom Anderson wrote: > Here's an interesting problem.... I have the rule 'SecFilterSelective > SERVER_PROTOCOL "!HTTP"' in order to return an error when someone tries > something like "GET / JUNK/1.0". However, not only does that not match > and reject the intended string, it instead matches any > "httpd/unix-directory" handler requests. In other words, all "/" or > "/directory/" requests. But it doesn't reject pages that have a > filename. The audit log shows the same HTTP protocol in both cases. It > seems that SERVER_PROTOCOL isn't matching the right thing. Works for me here. From the debug log (at level 9): Checking signature "!HTTP" at SERVER_PROTOCOL Checking against "JUNK/1.0" Signature check returned 403 Which error message are you getting? Look into the debug log at level 9 for more information. -- Ivan Ristic (http://www.modsecurity.org) |
