Facebook
Twitter
Chris1
Regular Pleskian
Hello,
We have a customers website that is triggering some ModSecurity logs which is then getting picked up by the ModSecurity Fail2ban jail resulting in a ban of the customers IP address.
It appears that something is causing an internal server error which seems like the reason it is showing up in ModSecurity, but the 'H' section doesn't have a rule ID. How can I disable the rule that is causing this to show up in the logs.
Here are the C, F, H sections of one of the log entries:
We have a customers website that is triggering some ModSecurity logs which is then getting picked up by the ModSecurity Fail2ban jail resulting in a ban of the customers IP address.
It appears that something is causing an internal server error which seems like the reason it is showing up in ModSecurity, but the 'H' section doesn't have a rule ID. How can I disable the rule that is causing this to show up in the logs.
Here are the C, F, H sections of one of the log entries:
Code:
--0f4d7f7e-C--
wp_customize=on&theme=soledad&customized=%7B%22penci_home_featured_cat%22%3A%22%D0%B0%2C+music%2C+interviews%2C+books%2C+news+and+gigs%22%7D&nonce=25af10f8c5&customize_messenger_channel=preview-2
--0f4d7f7e-F--
HTTP/1.1 500 Internal Server Error
Last-Modified: Thu, 18 Aug 2011 05:25:37 GMT
ETag: "b234cf-4f8-4aac0d7c07640"
Accept-Ranges: bytes
Content-Length: 1272
X-Powered-By: PleskLin
--0f4d7f7e-H--
Stopwatch: 1470000120913495 3467660 (- - -)
Stopwatch2: 1470000120913495 3467660; combined=4790, p1=3, p2=4775, p3=5, p4=0, p5=6, sr=0, sw=1, l=0, gc=0
WAF: ModSecurity for Apache/2.7.7 (http://www.modsecurity.org/); 201407101236.
Server: Apache
Engine-Mode: "ENABLED"
