[Modsecurity] why 403 errors on some rules?
Michal Wallace
michal at sabren.com
Wed Sep 6 23:54:21 EDT 2006
Hey all,
I must be missing something here.
Take this url:
x.php?delete+from+table+where+x+is+null
It matches rule 300013 in rules.conf, and gives
a 406 error. No problem, but say I don't want this.
So I add this line to an .htaccess file:
SecFilterRemove 300013
And I get:
Forbidden
You don't have permission to access x.php on this server.
Why? A look int the audit_log shows I'm now matching
rule 300015. No problem... But why is it giving me a
403 error instead of a 406 error?
I have:
SecFilterDefaultAction "deny,log,status:406"
And I can't see *anything* that's calling for
a 403 error or even an instance of the number
"403" anywhere in my config files.
Can someone else try this and see if you get the
same problem? Or tell me what I'm doing wrong?
Sincerely,
Michal J Wallace
Sabren Enterprises, Inc.
-------------------------------------
contact: michal at sabren.com
hosting: http://www.cornerhost.com/
my site: http://www.withoutane.com/
-------------------------------------
More information about the Modsecurity
mailing list