[mod-security-users] Allow action -- processing does not stop (1.9.4)
Brought to you by:
victorhora,
zimmerletw
From: Ryan B. <rb...@ri...> - 2006-07-19 00:44:56
|
Hello, I have a line: SecFilterSelective REMOTE_ADDR 129.21.x.x allow (whereby x.x represents the rest of the IP) Then, later in my configuration, I have lines blocking particular strings in the output. I am trying to view the server-info page, and, since it includes the text of all the rules, it's denying my request. However, due to the 'allow' line, my understanding is that any request from that IP should be allowed implicitly and all other rule processing should stop. This does not seem to be occuring. Output in the ModSecurity Console: HTTP Transaction: 1050 (2006-07-18 20:25.2) Alert Messages ID/Rev Severity Message 1 - EMERG (0) Access allowed. Pattern match "129.21.x.x" at REMOTE_ADDR 2 - EMERG (0) wget cmd attempt Access denied with code 505. Pattern match "HTTP request sent, awaiting response" at OUTPUT Anyone know what's happening that's causing the allow to not work properly? (or maybe I'm incorrect as to what is supposed to happen) Thanks, -Ryan --- Ryan Boyd Web Architect Information & Technology Services Rochester Institute of Technology 585-475-5573 rb...@ri... =20 |