[mod-security-users] [solved] erratic http error code

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Felix Nawroth wrote:
>> !! SecDefaultAction log,auditlog,deny,status:400,\
>> !! phase:2,t:lowercase,t:replaceNulls,t:compressWhitespace
>> !!
>> !! <Location "/spanien/guest/guest.php">
>> !! SecRule ARGS "http"\
>> !! "deny,log,id:66023,severity:5,msg:'Spam',exec:/etc/modsecurity/ip-blacklist.pl"
>> !! </Location>

OK, I've solved it by redefining a status:400 in the rule. I had tried
that earlier without success, don't know what I'm doing different now.

So the status set in SecDefaultAction is not inherited into a Location,
it seems. I've also tried it with "SecRuleInheritance On", still the
same. This isn't mentioned in the manual, perhaps Ivan could add it?

Regards,
Felix