Thread: [mod-security-users] Rule is not working.
Brought to you by:
victorhora,
zimmerletw
From: Vince T. <vt...@ms...> - 2007-04-30 17:29:31
|
Hi Everyone, I have created the following rule to block a known web application vulnerability scan (getting TONS of these lately from what looks like bot nets) : # This rule stops scans for a known web calendar vulnerability # http://www.securityfocus.com/bid/14651 SecRule REQUEST_URI "tools/send_reminders\.php" "phase:1,deny,nolog" It does not seem to be working though as I still get this showing up in my console: 1 990011 NOTICE (5) Request Indicates an automated program explored the site Warning. Match of "rx ^apache.*perl" against "REQUEST_HEADERS:User-Agent" required. What am I doing wrong? -- Vince |