Package: libapache-mod-security Version: 2.5.12-1 Severity: normal Hi,
I'm getting this message on multiple web pages: | Message: Rule execution error - PCRE limits exceeded (-8): (null). | Message: Access denied with code 403 (phase 2). Match of "streq 0" | against"TX:MSC_PCRE_LIMITS_EXCEEDED" required. [file | "/etc/modsecurity/00debian7.conf"] [line "93"] [msg "ModSecurity | internal error flagged: TX:MSC_PCRE_LIMITS_EXCEEDED"] | Action: Intercepted (phase 2) | Stopwatch: 1331122914310502 8477 (1514 8124 -) | Producer: ModSecurity for Apache/2.5.12 (http://www.modsecurity.org/); core ruleset/2.2.3. | Server: Apache/2.2.16 (Debian) The file 00debian7.conf is in fact 'modsecurity.conf-recommended' from Debian package version 2.6.3-1 with small changes to make it start with libapache-mod-security from Debian 6.0. # s%REQBODY_ERROR%REQBODY_PROCESSOR_ERROR% # s%^\(SecRequestBodyLimitAction\)%#\1% These are caused by legitimate web access requests. Removing/disabling SecPcreMatchLimit parameters doesn't change anything. Increasing to 10000000 doesn't help either. Thus, this appears to be an internal error of ModSecurity. Thanks -- System Information: Debian Release: 6.0.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libapache-mod-security depends on: ii apache2.2-common 2.2.16-6+squeeze6 Apache HTTP Server common files ii libc6 2.11.3-3 Embedded GNU C Library: Shared lib ii liblua5.1-0 5.1.4-5 Simple, extensible, embeddable pro ii libpcre3 8.02-1.1 Perl 5 Compatible Regular Expressi ii libxml2 2.7.8.dfsg-2+squeeze3 GNOME XML library ii mod-security-commo 2.5.12-1 Tighten web applications security libapache-mod-security recommends no packages. libapache-mod-security suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org