Am 18.03.2012 22:24, schrieb Aero Maxx: > On 18/03/2012 13:44, Reindl Harald wrote: >> >> Am 18.03.2012 14:34, schrieb Aero Maxx: >>> [Sun Mar 18 03:48:31 2012] [error] [client 192.168.0.103] ModSecurity: Warning. Operator GE matched 15 at >>> TX:outbound_anomaly_score. [file "/etc/httpd/modsecurity.d/base_rules/modsecurity_crs_60_correlation.conf"] [line >>> "38"] [msg "Outbound Anomaly Score Exceeded (score 15): The application is not available"] [hostname >>> "www.wordpress.beta"] [uri "/index.php"] [unique_id "T2VbD1IRn4QAACJXLNQAAAAB"] >>> >>> How would I go about fixing that ? so i can have virtual hosts that modsecurity doesn't complain about? >> SecResponseBodyAccess Off >> >> SecResponseBodyAccess does mostly introduce more problems >> as it can ever solve - you saw the "Outbound Anomaly Score Exceeded" >> > Where abouts is a good place to put that ? cat /etc/httpd/modsecurity.d/modsecurity_10_config.conf SecRuleEngine On SecRequestBodyAccess On SecRequestBodyInMemoryLimit 1048576 SecResponseBodyAccess Off SecServerSignature "not disclosed" SecUploadDir /tmp SecUploadKeepFiles Off SecArgumentSeparator "&" SecCookieFormat 0 SecPcreMatchLimit 150000 SecPcreMatchLimitRecursion 150000 SecAuditEngine Off SecAuditLogRelevantStatus "^(?:5|4(?!04))" SecAuditLogType Serial SecAuditLog logs/modsec_audit.log SecAuditLogParts "ABIFHKZ" SecDebugLog logs/modsec_debug.log SecDebugLogLevel 0 SecDataDir /tmp SecTmpDir /tmp SecDefaultAction "phase:2,deny,log"
Attachment:
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org