Hello!

I have a system set up where I use a reverse proxy (Apache/2.4.7 (Ubuntu 
14.04LTS)), to reach a content server (Apache/2.2.22 (Ubuntu 12.04LTS)). The 
content server is providing a Wordpress (latest version) site. Two domains 
point to the external ip and the proxy server passes them to the content server 
as either 80 or 443 traffic.  On the backend, a redirection occurs for all 80 
traffic to 443 which has 3rd party cert.

The reverse proxy is also providing caching.  The site seems to be working.

I then installed mod_security from the Ubuntu package libapache2-modsecurity, 
which I understand to be ver 2.7.7-2, downloaded the CRS and turned it on with 
DetectionOnly.

However, every time the site is accessed, I get a significant number of alerts. 
And a significant number of these seem related to cache (specifically 
Cache-Control Response Header Missing), headers (Content-Type Headers missing), 
and cookies. Some include the tag of “MISCONFIGURATION”.

I’ve been reading how to scrub these for false-positives, but the number of 
them right now makes me think I may have a configuration screwup, and I want to 
rule that out before I start turning off rules.

I don’t want to indiscriminately dump logs or config files here but will 
provide what others think is most valid.

Thanks in advance for any help getting pointed in the right direction.

Tim




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Reply via email to