mod_security

Error :-

=====================

ModSecurity: Access denied with code 500 (phase 2). Match of "rx ^HTTP/(0\\\\.9|1\\\\.0|1\\\\.1)$" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/conf/modsec2/rules.conf"] [line "38"] [id "340000"] [msg "Bad HTTP Protocol"] [severity "ALERT"] [hostname "www.xxxxxx.com"] [uri "/favicon.ico"] [unique_id "OuT1Q0VI6HoAAQvX@BIAAAAJ"]

=====================

You might receive this error at times if mod_security is not properly configured. If you happen to receive this error, make the following changes:-

=====================

According to the following rule at the start of /usr/local/apache/conf/modsec2/rules.conf :-
#Configure for your site
SecDefaultAction "log,deny,phase:2,status:500,t:urlDecodeUni,t:htmlEntityDecode,t:lowercase"

Because this default action includes t:lowercase, every rule after it inherits that transformation and its input is lowercased before matching, so the patterns in the rules that follow have to be written in lowercase. Modify the rule after this line FROM :-

#Enforce proper HTTP requests
SecRule REQUEST_PROTOCOL "!^HTTP/(0\.9|1\.0|1\.1)$" "id:340000,severity:1,msg:'Bad HTTP Protocol'"

TO

#Enforce proper HTTP requests
SecRule REQUEST_PROTOCOL "!^http/(0\.9|1\.0|1\.1)$" "id:340000,severity:1,msg:'Bad HTTP Protocol'"

=====================
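
A small linter for the mismatch described above, as an added example that is not part of the original post: it tracks the t: chain inherited from SecDefaultAction and reports SecRule patterns that still contain uppercase literals while t:lowercase is in effect. The function names and the sample rule ids 340001 and 340002 are made up for this example, and it assumes one directive per line and ignores phases.

```python
import re
import shlex

# Constructed sample: the post's directives plus two made-up variants (340001, 340002).
SAMPLE_RULES = r'''
SecDefaultAction "log,deny,phase:2,status:500,t:urlDecodeUni,t:htmlEntityDecode,t:lowercase"
SecRule REQUEST_PROTOCOL "!^HTTP/(0\.9|1\.0|1\.1)$" "id:340000,severity:1,msg:'Bad HTTP Protocol'"
SecRule REQUEST_PROTOCOL "!^http/(0\.9|1\.0|1\.1)$" "id:340001,severity:1,msg:'Bad HTTP Protocol'"
SecRule REQUEST_PROTOCOL "!^HTTP/(0\.9|1\.0|1\.1)$" "id:340002,t:none,severity:1,msg:'Bad HTTP Protocol'"
'''

def transforms(inherited, actions):
    """Return the t: chain after applying an action list to the inherited one."""
    chain = list(inherited)
    for action in (a.strip().lower() for a in actions.split(",")):
        if action == "t:none":          # t:none discards everything inherited so far
            chain = []
        elif action.startswith("t:"):
            chain.append(action[2:])
    return chain

def has_uppercase_literal(operator_arg):
    """True if the operator argument contains a literal uppercase character."""
    arg = re.sub(r"^!?\s*(@\w+\s*)?", "", operator_arg)  # drop negation and operator name
    if "(?i" in arg:                                     # pattern is already case-insensitive
        return False
    arg = re.sub(r"%\{[^}]*\}", "", arg)                 # macros such as %{TX.NAME}
    arg = re.sub(r"\\.", "", arg)                        # regex escapes such as \S or \D
    return any(c.isupper() for c in arg)

def lint(text):
    """Return (line number, rule id) for uppercase patterns whose input is lowercased."""
    inherited, findings = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = shlex.split(line)       # assumes each directive sits on one line
        if parts[0] == "SecDefaultAction" and len(parts) > 1:
            inherited = transforms([], parts[1])
        elif parts[0] == "SecRule" and len(parts) > 2:
            actions = parts[3] if len(parts) > 3 else ""
            if "lowercase" in transforms(inherited, actions) and has_uppercase_literal(parts[2]):
                rule_id = re.search(r"\bid:'?(\d+)", actions)
                findings.append((lineno, rule_id.group(1) if rule_id else None))
    return findings

if __name__ == "__main__":
    print(lint(SAMPLE_RULES))
```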

:)
