Re: [mod-security-users] Request Missing an Accept Header

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

I'm using just the default rules from modsecurity.org

On 11/6/06, Amr Hamdy <amr...@gm...> wrote:
>
> Hello all there, :)
> After I've upgraded to modsecurity 2 on apache 2.2.3 ... I can find a
> message that fills the error log of apache ...
>
> [error] [client 127.0.0.1] ModSecurity: Warning. Operator EQ match: 0. [id
> "60015"] [msg "Request
> Missing an Accept Header"] [severity "CRITICAL"] [uri "/"] [unique_id
> "Zuwhs83qYHUAAGSgEZ8AAAAN"]
>
>
> and in the modsec audit log
>
> --9215852c-A--
> [06/Nov/2006:02:50:05 +0200] d35n3s3qYHUAABW@SWoAAAAC 127.0.0.1 35735
> 127.0.0.1 80
> --9215852c-B--
> GET / HTTP/1.0
> User-Agent: Apache (internal dummy connection)
>
> --9215852c-F--
> HTTP/1.1 200 OK
> Last-Modified: Sat, 20 Nov 2004 20:16:24 GMT
> ETag: "54828a-2c-4c23b600"
> Accept-Ranges: bytes
> Content-Length: 44
> Connection: close
> Content-Type: text/html
> Content-Language: ar
>
> --9215852c-H--
> Message: Warning. Operator EQ match: 0. [id "60008"] [msg "Request Missing
> a Host Header"] [severity "CRITICAL"]
> Message: Warning. Operator EQ match: 0. [id "60015"] [msg "Request Missing
> an Accept Header"] [severity "CRITICAL"]
> Stopwatch: 1162774205851614 7713 (2164 5447 -)
> Producer: ModSecurity v2.0.3 (Apache 2.x)
> Server: Apache
>
> --9215852c-Z--
>
>
> This message represents over 99% of the total messages
>
>
> I'e no idea where the problem is ... I've apache 2.2.3 running on fedora
> core 2 ... I've compiled it from source with the following options ...
>
> "./configure" \
> "--prefix=/usr/local/apache" \
> "--enable-deflate" \
> "--enable-unique-id" \
> "--enable-ssl" \
> "--enable-nonportable-atomics=yes"
>
>
> May any know how can I repair that issue? and what's wrong exactly?
> --
>
> Amr Hamdy
> An Egyptian Muslim Linux Engineer Studying Medicine ;)


-- 

Amr Hamdy
An Egyptian Muslim Linux Engineer Studying Medicine ;)