email is not being send. On Wed, Jan 28, 2015 at 1:27 PM, Sabin Ranjit <think.sa...@gmail.com> wrote:
> hi, > I'm trying to send email when specific rule get matched in the modsecurity > but the modsecurity gives execution error in the mod_audit.log. > > I have written my own test rule like this: > > SecRule REQUEST_HEADERS:User-Agent "FAKE-USER" > "chain,deny,log,exec:/root/send_alert_email_fake-user.sh,id:1234123455" > SecRule REMOTE_ADDR "^192\.168\.203\.141" > > and my script looks like this: > > #!/bin/sh > echo "Fake user tried to access the web application" |mail -s "local > server under attack" u...@user.com > echo Done. > > The mod_audit.log is giving this message and email is being send. > > Message: Exec: Execution failed while reading output: > /root/send_alert_email_fake-user.sh (End of file found) > Message: Failed to execute: /root/send_alert_email_fake-user.sh > Message: Warning. Pattern match "^192\\.168\\.203\\.141" at REMOTE_ADDR. > [file > "/usr/share/modsecurity-crs/activated_rules/check_user_agent_email.conf"] > [line "1"] [id "1234123455"] > > Please help me to fix this? I'm also referencing ModSecurity 2.5 by Magnus > Mischel. > > thanks. > > >
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
