Author Topic: I turned off Mod security and turned off Apache.  (Read 4186 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
I turned off Mod security and turned off Apache.
« on: March 09, 2020, 10:44:23 PM »
I turned off Mod security and off Apache.
and does not start
Why did you have this behavior?



I thank everyone who helps me in the answer.
Jony Host

Offline
*****
Re: I turned off Mod security and turned off Apache.
« Reply #1 on: March 10, 2020, 04:22:38 AM »
hi
can you check the Apache service status or the Apache log why it is off.

Offline
*
Re: I turned off Mod security and turned off Apache.
« Reply #2 on: March 10, 2020, 11:40:07 AM »
apache log

[Tue Mar 10 12:18:02.743975 2020] [:error] [pid 2012:tid 140672501729024] [client 184.105.247.196:2804] [client 184.105.247.196] ModSecurity: Warning. Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "793"] [id "920350"] [rev "2"] [msg "Host header is a numeric IP address"] [data "207.000.678.17"] [severity "WARNING"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "207.000.203.17"] [uri "/"] [unique_id "Xmd3atQFYVZZqmfmXnX5DAAAAFc"]
Jony Host

Offline
*****
Re: I turned off Mod security and turned off Apache.
« Reply #3 on: March 10, 2020, 02:56:10 PM »
this is the id you need to add it to disable rule
id "920350"

or use comodo waf (pro required)

Offline
*
Re: I turned off Mod security and turned off Apache.
« Reply #4 on: March 11, 2020, 12:22:41 PM »
this is the id you need to add it to disable rule
id "920350"

or use comodo waf (pro required)

already added

thanks my friend

Jony Host