mod_security strange problem

gvard

Well-Known Member
PartnerNOC
Dec 22, 2003
215
10
168
Athens/GREECE
cPanel Access Level
DataCenter Provider
Greetings from Greece,

I'm receiving a strange error in mod_security:

==79655415==============================
Request: www.domain.com 1.2.3.4 - - [13/May/2006:02:43:23 +0300] "GET /downloads/l/24.rar HTTP/1.0" 500 722 "-" "-" - "-"
----------------------------------------
GET /downloads/l24.rar HTTP/1.0
Host: www.domain.com
mod_security-message: Access denied with code 500. Pattern match "^$" at HEADER("USER-AGENT")
mod_security-action: 500

HTTP/1.0 500 Internal Server Error
Connection: close
Content-Type: text/html; charset=iso-8859-1
--79655415--

1.2.3.4 = the site's IP
domain.com = the site's domain


this happens when the visitor tries to download a file from a vbulletin the user has. Any ideas how to disable that in mod_security? I didn't find ^$ in modsec.user.conf :(
 

mOdY

Well-Known Member
Dec 25, 2004
80
0
156
do # ls -la /usr/local/apache/conf/ | grep modsec

may be you could find another modsec config file which is included..