Recipe: Invoking rule 55606d88c470; [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "14"] [id "5000136"].
Rule 55606d88c470: SecRule "RESPONSE_STATUS" "@rx ^302" "phase:5,auditlog,t:none,nolog,pass,setvar:ip.bf_counter=0,id:5000136"
Transformation completed in 1 usec.
Executing operator "rx" with param "^302" against RESPONSE_STATUS.
Target value: "200"
Operator completed in 3 usec.
Rule returned 0.
No match, not chained -> mode NEXT_RULE.
Recipe: Invoking rule 55606d8817f8; [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "16"] [id "5000137"].
Rule 55606d8817f8: SecRule "RESPONSE_STATUS" "@rx ^200" "phase:5,auditlog,chain,t:none,nolog,pass,setvar:ip.bf_counter=+1,deprecatevar:ip.bf_counter=1/180,id:5000137"
Transformation completed in 1 usec.
Executing operator "rx" with param "^200" against RESPONSE_STATUS.
Target value: "200"
Operator completed in 3 usec.
Setting variable: ip.bf_counter=+1
Recorded original collection variable: ip.bf_counter = "0"
Relative change: bf_counter=0+1
Set variable "ip.bf_counter" to "1".
Deprecating variable: ip.bf_counter=1/180
Rule returned 1.
Match -> mode NEXT_RULE.
Recipe: Invoking rule 55606d8cf638; [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "17"].
Rule 55606d8cf638: SecRule "ip:bf_counter" "@gt 10" "t:none,setvar:user.bf_block=1,expirevar:user.bf_block=300,setvar:ip.bf_counter=0"
Transformation completed in 1 usec.
Executing operator "gt" with param "10" against IP:bf_counter.
Target value: "1"
Operator completed in 1 usec.
Rule returned 0.
No match, not chained -> mode NEXT_RULE.
collection_store: Retrieving collection (name "ip", filename "/var/log/secdatadir/rafocorp-ip")
collection_store: Re-retrieving collection prior to store: ip
collection_retrieve_ex: collection_retrieve_ex: Retrieving collection (name "ip", filename "/var/log/secdatadir/rafocorp-ip")
collection_unpack: Read variable: name "__expire_KEY", value "1560165731".
collection_unpack: Read variable: name "KEY", value "46.188.154.23".
collection_unpack: Read variable: name "TIMEOUT", value "600".
collection_unpack: Read variable: name "__key", value "46.188.154.23".
collection_unpack: Read variable: name "__name", value "ip".
collection_unpack: Read variable: name "CREATE_TIME", value "1560165130".
collection_unpack: Read variable: name "UPDATE_COUNTER", value "11".
collection_unpack: Read variable: name "bf_counter", value "11".
collection_unpack: Read variable: name "LAST_UPDATE_TIME", value "1560165131".
collection_retrieve_ex: Retrieved collection (name "ip", key "46.188.154.23").
collection_store: Delta applied for ip.UPDATE_COUNTER 0->1 (1): 11 + (1) = 12 [12,2]
collection_store: Delta applied for ip.bf_counter 0->1 (1): 11 + (1) = 12 [12,2]
collection_store: Wrote variable: name "__expire_KEY", value "1560165739".
collection_store: Wrote variable: name "KEY", value "46.188.154.23".
collection_store: Wrote variable: name "TIMEOUT", value "600".
collection_store: Wrote variable: name "__key", value "46.188.154.23".
collection_store: Wrote variable: name "__name", value "ip".
collection_store: Wrote variable: name "CREATE_TIME", value "1560165138".
collection_store: Wrote variable: name "UPDATE_COUNTER", value "12".
collection_store: Wrote variable: name "bf_counter", value "12".
collection_store: Wrote variable: name "LAST_UPDATE_TIME", value "1560165139".
collection_store: Persisted collection (name "ip", key "46.188.154.23").
Recording persistent data took 0 microseconds.
Audit log: Ignoring a non-relevant request.