|
apache bad request
Not sure what's up but since this morning, I have started receving this on my server when requesting pages:
Bad Request Your browser sent a request that this server could not understand. Apache/2.2.3 (FH) Server at 88.xxx.xxx.xxx Port 80 Any ideas what to check? I was playing about with mod_security but it was already installed so then removed the line I added from httpd.conf. Got to be something to do with that? |
Quote:
Try this... http://support.mozilla.com/tiki-view...0430&forumId=1 Should help. |
Quote:
|
Quote:
Is it linux ? Try to clean Your pc using this tool. http://www.safer-networking.org |
Quote:
All other sites work fine. |
Quote:
PHP, perl, html etc.etc ? |
Quote:
|
error-Log gives:
[Wed Aug 12 11:36:15 2009] [error] [client 86.1xxx.xxx.xxx] ModSecurity: Access denied with code 400 (phase 2). Pattern match "^[\\d\\.]+$" at REQUEST_HEADERS:Host. [file "/etc/httpd/modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf"] [line "60"] [id "960017"] [msg "Host header is a numeric IP address"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/IP_HOST"] [hostname "88.xxx.xxx.xxx"] [uri "/favicon.ico"] [unique_id "Y376mX8AAAEAAASzGQAAAAAD"] I commented out that line in the modsecurity but I'm not sure how it could have got added. I installed a new modsecurity today, latest from their site but I didn't actually change any config files. |
Quote:
with mod_security You have to be very carefull. Each rule should be tested before You will put it to production. If Your url is recognized like a risk of attack maybe You have to create the rule which will accept this link. Also dont forget to observe robots on Your website. Default configuration of the mod_security close access for many webcrawlers (also for google, yahoo). |
Quote:
|
| All times are GMT -5. The time now is 07:12 PM. |