Package: libapache-mod-security
Version: 2.5.12-1
Severity: normal
Hi,
I'm getting this message on multiple web pages:
| Message: Rule execution error - PCRE limits exceeded (-8): (null).
| Message: Access denied with code 403 (phase 2). Match of streq 0
| againstTX:MSC_PCRE_LIMITS_EXCEEDED required. [file
| /etc/modsecurity/00debian7.conf] [line 93] [msg ModSecurity
| internal error flagged: TX:MSC_PCRE_LIMITS_EXCEEDED]
| Action: Intercepted (phase 2)
| Stopwatch: 1331122914310502 8477 (1514 8124 -)
| Producer: ModSecurity for Apache/2.5.12 (http://www.modsecurity.org/); core
ruleset/2.2.3.
| Server: Apache/2.2.16 (Debian)
The file 00debian7.conf is in fact 'modsecurity.conf-recommended' from
Debian package version 2.6.3-1 with small changes to make it start with
libapache-mod-security from Debian 6.0.
# s%REQBODY_ERROR%REQBODY_PROCESSOR_ERROR%
# s%^\(SecRequestBodyLimitAction\)%#\1%
These are caused by legitimate web access requests.
Removing/disabling SecPcreMatchLimit parameters doesn't change anything.
Increasing to 1000 doesn't help either. Thus, this appears to be
an internal error of ModSecurity.
Thanks
-- System Information:
Debian Release: 6.0.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages libapache-mod-security depends on:
ii apache2.2-common 2.2.16-6+squeeze6 Apache HTTP Server common files
ii libc6 2.11.3-3 Embedded GNU C Library: Shared lib
ii liblua5.1-05.1.4-5 Simple, extensible, embeddable pro
ii libpcre3 8.02-1.1 Perl 5 Compatible Regular Expressi
ii libxml22.7.8.dfsg-2+squeeze3 GNOME XML library
ii mod-security-commo 2.5.12-1 Tighten web applications security
libapache-mod-security recommends no packages.
libapache-mod-security suggests no packages.
-- no debconf information
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org