Mod_security + mod_ruid2 working right?

sheep

I have installed mod_security with WAF rules, does this work with mod_ruid2 or not?

But I see this:

[Thu Sep 17 23:02:16.885748 2015] [:error] [pid 12886] [client *] ModSecurity: Access denied with code 403 (phase 2). String match within "/Proxy-Connection/ /Lock-Token/ /Content-Range/ /Translate/ /via/ /if/" at TX:header_name. [file "/usr/local/cwaf/rules/10_HTTP_HTTP.conf"] [line "32"] [id "210740"] [msg "COMODO WAF: HTTP header is restricted by policy"] [data "/Proxy-Connection/"] [severity "WARNING"] [hostname "forum.*.org"] [uri "/"] [unique_id "VfsqWLkMDREAADJWOUkAAAAC"]
[Thu Sep 17 23:02:16.886110 2015] [:error] [pid 12886] [client *] ModSecurity: Audit log: Failed to lock global mutex: Permission denied [hostname "forum.karamkriya.org"] [uri "/"] [unique_id "VfsqWLkMDREAADJWOUkAAAAC"]
[Thu Sep 17 23:02:16.886283 2015] [:error] [pid 12886] [client *] ModSecurity: Audit log: Failed to unlock global mutex: Permission denied [hostname "forum.karamkriya.org"] [uri "/"] [unique_id "VfsqWLkMDREAADJWOUkAAAAC"]
[Thu Sep 17 23:02:18.521760 2015] [:error] [pid 12716] [client *] ModSecurity: Access denied with code 403 (phase 2). String match within "/Proxy-Connection/ /Lock-Token/ /Content-Range/ /Translate/ /via/ /if/" at TX:header_name. [file "/usr/local/cwaf/rules/10_HTTP_HTTP.conf"] [line "32"] [id "210740"] [msg "COMODO WAF: HTTP header is restricted by policy"] [data "/Proxy-Connection/"] [severity "WARNING"] [hostname "forum.*.org"] [uri "/"] [unique_id "VfsqWrkMDREAADGsgRQAAAAF"]
[Thu Sep 17 23:02:18.522220 2015] [:error] [pid 12716] [client *] ModSecurity: Audit log: Failed to lock global mutex: Permission denied [hostname "forum.*.org"] [uri "/"] [unique_id "VfsqWrkMDREAADGsgRQAAAAF"]
[Thu Sep 17 23:02:18.522448 2015] [:error] [pid 12716] [client *] ModSecurity: Audit log: Failed to unlock global mutex: Permission denied [hostname "forum.*.org"] [uri "/"] [unique_id "VfsqWrkMDREAADGsgRQAAAAF"]

Is it working right or not? I want to test some bruteforce (enabled in comodo WAF) attacks.
 
Here is an example configuration: http://malware.expert/directadmin-modsecurity-configuration/

With this error: Audit log: Failed to unlock global mutex

Remove these (IfModule) lines or comment them out; that worked on our server (CustomBuild 2.x / Apache 2.4 / PHP 5.6 / ruid2 / ModSecurity 2.9.1).

File: /etc/httpd/conf/extra/httpd-modsecurity.conf

#<IfModule mod_ruid2.c>
SecAuditLogType Concurrent
SecAuditLogStorageDir /var/log/modsec_audit
#</IfModule>
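
The log quoted in the first post mixes two kinds of lines: rule 210740 denying a request with 403, and audit-log mutex errors for the same request. The following is an added example, not part of either post: it groups ModSecurity error-log lines by `unique_id` so each request shows whether it was blocked and whether audit logging reported an error. The sample log is constructed in the thread's format, and the hostname and `unique_id` values in it are made up.

```python
import re

# Constructed sample in the format quoted in the thread; the hostname and
# unique_id values are made up for this example.
SAMPLE_LOG = r'''
[Thu Sep 17 23:02:16.885748 2015] [:error] [pid 12886] [client *] ModSecurity: Access denied with code 403 (phase 2). String match within "/Proxy-Connection/" at TX:header_name. [id "210740"] [msg "COMODO WAF: HTTP header is restricted by policy"] [hostname "forum.example.org"] [uri "/"] [unique_id "AAAA-constructed-1"]
[Thu Sep 17 23:02:16.886110 2015] [:error] [pid 12886] [client *] ModSecurity: Audit log: Failed to lock global mutex: Permission denied [hostname "forum.example.org"] [uri "/"] [unique_id "AAAA-constructed-1"]
[Thu Sep 17 23:02:16.886283 2015] [:error] [pid 12886] [client *] ModSecurity: Audit log: Failed to unlock global mutex: Permission denied [hostname "forum.example.org"] [uri "/"] [unique_id "AAAA-constructed-1"]
[Thu Sep 17 23:05:01.000001 2015] [:error] [pid 12900] [client *] ModSecurity: Access denied with code 403 (phase 2). String match within "/Proxy-Connection/" at TX:header_name. [id "210740"] [msg "COMODO WAF: HTTP header is restricted by policy"] [hostname "forum.example.org"] [uri "/"] [unique_id "BBBB-constructed-2"]
'''

FIELD = re.compile(r'\[(\w+) "([^"]*)"\]')  # matches [id "210740"], [unique_id "..."]
DENIED = re.compile(r"ModSecurity: Access denied with code (\d+)")
MUTEX = re.compile(r"Audit log: Failed to (lock|unlock) global mutex: (.+?) \[")


def summarize(log_text):
    """Group ModSecurity error-log lines by unique_id (one key per request)."""
    txs = {}
    for line in log_text.splitlines():
        fields = dict(FIELD.findall(line))
        uid = fields.get("unique_id")
        if "ModSecurity:" not in line or uid is None:
            continue
        tx = txs.setdefault(uid, {"status": None, "rule_id": None,
                                  "msg": None, "mutex_errors": []})
        denied = DENIED.search(line)
        if denied:  # the rule engine intercepted this request
            tx.update(status=int(denied.group(1)),
                      rule_id=fields.get("id"), msg=fields.get("msg"))
        mutex = MUTEX.search(line)
        if mutex:  # the audit logger reported a lock/unlock failure
            tx["mutex_errors"].append((mutex.group(1), mutex.group(2)))
    return txs


def report(txs):
    """One line per request: was it blocked, and did audit logging error out?"""
    out = []
    for uid, tx in txs.items():
        blocked = (f"blocked {tx['status']} by rule {tx['rule_id']}"
                   if tx["status"] else "not blocked")
        errs = ", ".join(f"{op} ({why})" for op, why in tx["mutex_errors"])
        out.append(f"{uid}: {blocked}; audit-log errors: {errs or 'none'}")
    return out


if __name__ == "__main__":
    print("\n".join(report(summarize(SAMPLE_LOG))))
```

Running it against the real error log after changing the audit-log settings shows whether the mutex errors have stopped while the rule denials continue.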
 