Re: [mod-security-users] Request Missing an Accept Header
Brought to you by:
victorhora,
zimmerletw
From: Amr H. <amr...@gm...> - 2006-11-06 01:14:25
|
I'm using just the default rules from modsecurity.org On 11/6/06, Amr Hamdy <amr...@gm...> wrote: > > Hello all there, :) > After I've upgraded to modsecurity 2 on apache 2.2.3 ... I can find a > message that fills the error log of apache ... > > [error] [client 127.0.0.1] ModSecurity: Warning. Operator EQ match: 0. [id > "60015"] [msg "Request > Missing an Accept Header"] [severity "CRITICAL"] [uri "/"] [unique_id > "Zuwhs83qYHUAAGSgEZ8AAAAN"] > > > and in the modsec audit log > > --9215852c-A-- > [06/Nov/2006:02:50:05 +0200] d35n3s3qYHUAABW@SWoAAAAC 127.0.0.1 35735 > 127.0.0.1 80 > --9215852c-B-- > GET / HTTP/1.0 > User-Agent: Apache (internal dummy connection) > > --9215852c-F-- > HTTP/1.1 200 OK > Last-Modified: Sat, 20 Nov 2004 20:16:24 GMT > ETag: "54828a-2c-4c23b600" > Accept-Ranges: bytes > Content-Length: 44 > Connection: close > Content-Type: text/html > Content-Language: ar > > --9215852c-H-- > Message: Warning. Operator EQ match: 0. [id "60008"] [msg "Request Missing > a Host Header"] [severity "CRITICAL"] > Message: Warning. Operator EQ match: 0. [id "60015"] [msg "Request Missing > an Accept Header"] [severity "CRITICAL"] > Stopwatch: 1162774205851614 7713 (2164 5447 -) > Producer: ModSecurity v2.0.3 (Apache 2.x) > Server: Apache > > --9215852c-Z-- > > > This message represents over 99% of the total messages > > > I'e no idea where the problem is ... I've apache 2.2.3 running on fedora > core 2 ... I've compiled it from source with the following options ... > > "./configure" \ > "--prefix=/usr/local/apache" \ > "--enable-deflate" \ > "--enable-unique-id" \ > "--enable-ssl" \ > "--enable-nonportable-atomics=yes" > > > May any know how can I repair that issue? and what's wrong exactly? > -- > > Amr Hamdy > An Egyptian Muslim Linux Engineer Studying Medicine ;) -- Amr Hamdy An Egyptian Muslim Linux Engineer Studying Medicine ;) |