Saneesh, You should be able to do an exception for this. What was your exception that you tried?
-Ryan ________________________________________ From: owasp-modsecurity-core-rule-set-boun...@lists.owasp.org [owasp-modsecurity-core-rule-set-boun...@lists.owasp.org] on behalf of SANEESH [sanee...@scigenom.com] Sent: Wednesday, April 17, 2013 8:32 AM To: owasp-modsecurity-core-rule-set@lists.owasp.org Subject: [Owasp-modsecurity-core-rule-set] Mod_Security Blocks Google_Analytics_Content_Experiments Hi, Am trying to integrate Google_Analytics_Content_Experiments to my webpages, when trying the Analytic test am getting "We encountered an error while trying to connect to the server with your web pages (HTTP status: 403)". I found this is because mod_security is blocking the request..Please check the below log for more details..I tried to add exception for "user Agent: Google_Analytics_Content_Experiments", but no luck..Please help. Log: [17/Apr/2013:07:26:18 --0400] wSzSgUDPmqEAABafQXYAAAAA 74.125.186.151 54656 64.207.154.161 80 --e29d6a3c-B-- GET /pro-membership2 HTTP/1.1 User-Agent: Google_Analytics_Content_Experiments (http://support.google.com/analytics/bin/answer.py?topic=1745208&answer=1665377) Host:www.test.com Accept-Encoding: gzip --e29d6a3c-F-- HTTP/1.1 403 Forbidden Last-Modified: Wed, 25 May 2011 01:34:04 GMT ETag: "1c00603-3c2-4a40fb3273b00" Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip X-Powered-By: PleskLin Content-Length: 553 Connection: close Content-Type: text/html --e29d6a3c-H-- Message: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "47"] [id "960015"] [rev "2.2.5"] [msg "Request Missing an Accept Header"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] Action: Intercepted (phase 2) Stopwatch: 1366197978059393 1535 (- - -) Stopwatch2: 1366197978059393 1535; combined=388, p1=262, p2=86, p3=0, p4=0, p5=40, sr=99, sw=0, l=0, gc=0 Producer: ModSecurity for Apache/2.6.8 (http://www.modsecurity.org/); OWASP_CRS/2.2.5. Server: Apache Rgrds, Saneesh C. _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
