Alert Level: 7; Rule: 104150 - Drupal access denied error (permissions rejected).; Location: (proxy01) xxx.xxx.xxx.xxx ->/var/log/httpd/www.xxx-error_log; [Mon Jun 29 13:54:44.413481 2015] [:error] [pid 1075] [client 54.176.229.159] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "47"] [id "960015"] [rev "1"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/2.2.6"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "xxx.xxx.xxx"] [uri "xxx.pdf"] [unique_id "VZGGZCuZS9My5o08pTOE-QAAAAU"]
Alert Level: 2; Rule: 1002 - Unknown problem somewhere in the system.; Location: (proxy01) xxx.xxx.xxx.xxx->/var/log/httpd/www.xxx-error_log; [Mon Jun 29 13:16:25.592649 2015] [:error] [pid 834] [client 170.226.80.70] ModSecurity: Rule 7f4f36ef9c18 [id "970003"][file "/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_50_outbound.conf"][line "123"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "xxx.xxx.xxx"] [uri "/xxx/dgi"] [unique_id "VZF9ae-TU@imyyXQxFzU3QAAAAU"] -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
