[Modsecurity] Gotroot mod_security rules not working with
Apache 1.3.37
Michael Shinn
mike at gotroot.com
Mon Sep 3 23:33:16 EDT 2007
Thank you for the report. Can you send me your audit_log entry for
this? Without that information, I can't debug your problem.
On Mon, 2007-09-03 at 16:13 -0700, Hex Star wrote:
> Hello, I downloaded the full Apache 1 ruleset from gotroot.com and set
> it up, Apache starts and everything but when trying to access any page
> at all on the server a 500 Internal Error is displayed and the
> following is found in the error_log:
>
> [Mon Sep 3 16:00:43 2007] [error] [client 127.0.0.1] mod_security:
> Access denied with code 500. Pattern match "((select|grant|delete|
> insert|drop|alter|replace|truncate|update|create|rename|
> describe)[[:space:]]+[A-Z|a-z|0-9|\\\\*| |\\\\,]+[[:space:]]+(from|
> into|table|database|index|view)[[:space:]]+[A-Z|a-z|0-9|\\\\*| |\\\
> \,]|\\\\'|UNION.*SELECT.*FROM)" at ARG("art_id") [severity
> "EMERGENCY"] [hostname " 127.0.0.1"] [uri "/"]
>
> Why is this happening and how can I fix this? Thanks! :)
> _______________________________________________
> Modsecurity mailing list
> Modsecurity at gotroot.com
> http://lists.gotroot.com/mailman/listinfo/modsecurity
More information about the Modsecurity
mailing list