Announcement

Do not use the forums to submit bug reports, feature requests or patches, submit a New Ticket instead.

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/xinha/public_html/r.f/include/parser.php on line 774

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/xinha/public_html/r.f/include/parser.php on line 774

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/xinha/public_html/r.f/include/parser.php on line 774

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/xinha/public_html/r.f/include/parser.php on line 774

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/xinha/public_html/r.f/include/parser.php on line 774

#1 2007-04-25 11:46:22

jwendt
New member
Registered: 2007-04-25
Posts: 3

Linker - ModSecurity: Access denied with code 501

I am receiving the following error in my logs:

ModSecurity: Access denied with code 501 (phase 1). Match of "rx (?:^(?:application/x-www-form-urlencoded$|multipart/form-data;)|text/xml)" against "REQUEST_HEADERS:Content-Type" required. [id "960010"] [msg "Request content encoding is not allowed by policy"] [severity "WARNING"] [hostname "www.removedforthispost.com"] [uri "/xinha/plugins/Linker/scan.php"] [unique_id "YqvhQMCoAQEAAA@J11YAAAAD"]

I am using an out of the box installation of ModSecurity.

Your products are fantastic.  This is the first error I've had that's caused any aggrevation.

Thanks

Offline

#2 2007-04-25 11:53:49

jwendt
New member
Registered: 2007-04-25
Posts: 3

Re: Linker - ModSecurity: Access denied with code 501

From the modsecurity configuration files

# TODO Most applications support only two encodings for request bodies
#      because that is all browsers know how to produce. If you are using
#      automated tools to talk to the application you may be using other
#      content types and would want to change the list of supported encodings.
#
#      Note though that ModSecurity parses only three content encodings:
#      application/x-www-form-urlencoded, multipart/form-data request and
#      text/xml. The protection provided for any other type of encoding is
#      inferior.

SecRule REQUEST_METHOD "!^(?:get|head|propfind|options)$" \
    "chain, t:lowercase, deny,log,auditlog,status:501,msg:'Request content encoding is not allowed by policy',id:'960010',severity:'4'"
SecRule REQUEST_HEADERS:Content-Type "!(?:^(?:application/x-www-form-urlencoded$|multipart/form-data;)|text/xml)"

Offline


Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/xinha/public_html/r.f/include/parser.php on line 774

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/xinha/public_html/r.f/include/parser.php on line 774

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/xinha/public_html/r.f/include/parser.php on line 774

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/xinha/public_html/r.f/include/parser.php on line 774

Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/xinha/public_html/r.f/include/parser.php on line 774

#3 2007-05-13 05:52:12

ray
Xinha Administrator
From: Germany
Registered: 2005-03-23
Posts: 521
Website

Re: Linker - ModSecurity: Access denied with code 501

Offline

Board footer

Powered by FluxBB