On 23.11.2015 10:52, Yogesh Patel wrote:
In modsecurity we have a rule below:
"SecRule REQBODY_ERROR "!@eq 0" \
"id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse
request body.',logdata:'%{reqbody_error_msg}',severity:2"
in mod security log following error message is detected:
"Message: Access denied with code 400 (phase 2). Match of "eq 0"
against "REQBODY_ERROR" required. [file
"D:/tools/Apache2.4.x/conf/extra/highq/modsec/modsecurity.conf"] [line
"132"] [id "200001"] [msg "Failed to parse request body."] [data
"Error reading request body: Client went away."] [severity "CRITICAL"]
Action: Intercepted (phase 2)"
What could be the possible reason for this error?
I don't know, but I believe that you may have posted this to the wrong list.
Should you not be sending this to the *Apache httpd* user list, instead of the *Apache
Tomcat* user list ?
See : http://httpd.apache.org/ versus http://tomcat.apache.org
(They both belong to the Apache organisation, but they are different software
products)
And modsecurity is yet another separate thing, at http://www.modsecurity.org, but it seems
more related to Apache httpd than to Tomcat.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
