Hi
On my server i have mod_security with the default config file installed and csf firewall
I am getting around 6-10 good UK Ips being blocked by csf through mod_security
Can anyone tell me why they are being blocked and what i can do to edit the config to fix this ?
Here is the csf block
IP ADDY HERE # lfd: (mod_security) mod_security triggered by IP ADDY HERE (GB/United Kingdom/-): 5 in the last 300 secs - Fri Oct 5 07:31:44 2012
And here is the apache log
[Fri Oct 05 07:30:58 2012] [error] [client IP ADDY HERE] ModSecurity: Access denied with code 406 (phase 2). Found 1 byte(s) in ARGS:pages[template] outside range: 1-255. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "34"] [id "960901"] [msg "Invalid character in request"] [severity "WARNING"] [hostname "MY WEB URL"] [uri "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"] [unique_id "[email protected]"]
Any thoughts and advice appreciated
On my server i have mod_security with the default config file installed and csf firewall
I am getting around 6-10 good UK Ips being blocked by csf through mod_security
Can anyone tell me why they are being blocked and what i can do to edit the config to fix this ?
Here is the csf block
IP ADDY HERE # lfd: (mod_security) mod_security triggered by IP ADDY HERE (GB/United Kingdom/-): 5 in the last 300 secs - Fri Oct 5 07:31:44 2012
And here is the apache log
[Fri Oct 05 07:30:58 2012] [error] [client IP ADDY HERE] ModSecurity: Access denied with code 406 (phase 2). Found 1 byte(s) in ARGS:pages[template] outside range: 1-255. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "34"] [id "960901"] [msg "Invalid character in request"] [severity "WARNING"] [hostname "MY WEB URL"] [uri "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"] [unique_id "[email protected]"]
Any thoughts and advice appreciated