[mod-security-users] [solved] erratic http error code
Brought to you by:
victorhora,
zimmerletw
From: Felix N. <li...@fe...> - 2006-11-26 11:51:26
|
Felix Nawroth wrote: >> !! SecDefaultAction log,auditlog,deny,status:400,\ >> !! phase:2,t:lowercase,t:replaceNulls,t:compressWhitespace >> !! >> !! <Location "/spanien/guest/guest.php"> >> !! SecRule ARGS "http"\ >> !! "deny,log,id:66023,severity:5,msg:'Spam',exec:/etc/modsecurity/ip-blacklist.pl" >> !! </Location> OK, I've solved it by redefining a status:400 in the rule. I had tried that earlier without success, don't know what I'm doing different now. So the status set in SecDefaultAction is not inherited into a Location, it seems. I've also tried it with "SecRuleInheritance On", still the same. This isn't mentioned in the manual, perhaps Ivan could add it? Regards, Felix |