The Community Forums

Interact with an entire community of cPanel & WHM users!

OWASP 958295, can anyone explain?

Discussion in 'Security' started by keat63, May 15, 2015.

  1. keat63

    keat63 Well-Known Member

    Does anyone know what this OWASP rule is?
    I'm seeing a number of these originating from the UK.
    Considering that my customer base is 99% UK based, I'm worried that it may be a false positive.
    However, I've no idea what it's telling me.

    On the subject of OWASP, is there a definitive list of what each rule does, but in layman's terms?
    Every Google search I've done for 958295 comes up with pages of gobbledygook.

    A list that went along the lines:

    XXXXXX: Protects against backdoor cyber attack

    Code:
    ModSecurity: Access denied with redirection to http://www.mydom.co.uk/ using status 302 (phase 2).
    Pattern match "\\\\b(keep-alive|close),\\\\s?(keep-alive|close)\\\\b" at REQUEST_HEADERS:Connection.
    [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "203"] [id "958295"] [rev "2"] [msg "Multiple/Conflicting Connection Header Data Found."] [data "keep-alive, keep-alive"] [severity "WARNING"] [ver "OWASP_CRS/3.0.0"] [maturity "6"] [accuracy "8"] [tag "Host: www.mydom.co.uk"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [hostname "www.mydom.co.uk"] [uri "/"] [unique_id "VVTrYtWr3R8AAA1hI-YAAAAD"]
     
    #1 keat63, May 15, 2015
    Last edited: May 15, 2015
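
As an added example (not part of the original posts, and not cPanel or OWASP code), this Python sketch pulls the pattern and matched data out of the log entry quoted in the first post and re-tests the pattern against constructed Connection header values, showing that it matches only when keep-alive/close tokens appear twice in one comma-separated value. It assumes the repeated backslashes in the log are escaping and that Python's `re` evaluates this pattern the same way ModSecurity's regex engine does.

```python
import re

# Log entry from the first post, trimmed to the fields used below.
LOG = (
    'ModSecurity: Access denied with redirection to http://www.mydom.co.uk/ '
    'using status 302 (phase 2). Pattern match '
    r'"\\\\b(keep-alive|close),\\\\s?(keep-alive|close)\\\\b" '
    'at REQUEST_HEADERS:Connection. [line "203"] [id "958295"] [rev "2"] '
    '[msg "Multiple/Conflicting Connection Header Data Found."] '
    '[data "keep-alive, keep-alive"] [severity "WARNING"]'
)

# Constructed Connection header values (not taken from the thread).
SAMPLES = [
    "keep-alive",
    "close",
    "keep-alive, keep-alive",
    "keep-alive,close",
    "keep-alive, Upgrade",
]


def parse_entry(line):
    """Extract [key "value"] fields, the rule pattern and the matched variable."""
    fields = dict(re.findall(r'\[(\w+) "([^"]*)"\]', line))
    m = re.search(r'Pattern match "(.*?)" at ([A-Z_]+(?::[\w-]+)?)', line)
    if m:
        # Assumption: runs of backslashes are log escaping; collapse each to one.
        fields["pattern"] = re.sub(r"\\+", r"\\", m.group(1))
        fields["variable"] = m.group(2)
    return fields


def triggers(pattern, header_value):
    """True when the rule's pattern matches a Connection header value."""
    return re.search(pattern, header_value) is not None


if __name__ == "__main__":
    entry = parse_entry(LOG)
    print(entry["id"], entry["msg"], "on", entry["variable"])
    for value in SAMPLES:
        verdict = "matches rule" if triggers(entry["pattern"], value) else "no match"
        print(f"  Connection: {value!r:28} -> {verdict}")
```
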
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

  3. keat63

    keat63 Well-Known Member

    Thanks Michael.

    This is exactly the type of info I was looking for.
    Do you know of an OWASP list/wiki?
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member
