On 01/06/2012 10:23 AM, Szőts Ákos wrote:
No, I don't think so; ModSecurity just get triggered because something in
the error_log.
"As to the OPTIONS * request failing - make sure there are no hidden
rewrite rules or other URI mangling going on."
Thank you for the tip. Is there any (easy) way to debug which rewrite rules
were applied to a query? The server is in use, so unfortunately I cannot
Enable the rewritelog and see what it says:
RewriteLog /some/location
RewriteLogLevel 1
If RewriteLogLevel 1 does not show you what you need to see, increase it
until you do see something, but I would advise you not to run at a high
loglevel for long on a production system, as it will cause a massive
performance hit.
turn on/off the rules randomly.
Ákos
2012. január 5. 13:49:30 dátummal Igor Cicimov ezt írta:
[error] [client 194.38.104.110] ModSecurity: Warning. String match "Invalid
URI in request" at WEBSERVER_ERROR_LOG. ModSecurity? Protection against
using * in the URI?
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See<URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
--
J.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
