Uploaded image for project: 'JBoss Core Services'
  1. JBoss Core Services
  2. JBCS-338

mod_security generating error messages to error_log

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Critical
    • Resolution: Rejected
    • httpd 2.4.23 GA, httpd 2.4.23 SP1 DR3
    • None
    • httpd, mod_security, rpm, zip
    • None
    • Hide
      1. download zip or install rpms
      2. create or modify conf.d/mod_security.conf file
        LoadModule security2_module modules/mod_security2.so
            <IfModule security2_module>
                SecRuleEngine On
                SecCollectionTimeout 15
                SecDataDir /tmp
                SecDebugLog logs/modsec-debug-GLOBAL-initcol.log
                SecDebugLogLevel 9
        
                SecRule REQUEST_COOKIES:SESSIONID !^$  phase:1,id:110,nolog,pass,setsid:%{REQUEST_COOKIES.SESSIONID}
                SecAction phase:1,id:111,nolog,pass,setvar:SESSION.my_counter=+1
         
                SecAction phase:1,id:112,nolog,pass,initcol:global=counter
                SecAction phase:1,id:113,nolog,pass,setvar:global.counter=+1
                
            </IfModule>
        
      3. send server some amount of requests
        sbin/ab -k -n 100 -c 80 -H "Cookie: SESSIONID=testid" http://127.0.0.1/
        
      4. check errors presence at error_log
        grep "error" logs/error_log
        
      Show
      download zip or install rpms create or modify conf.d/mod_security.conf file LoadModule security2_module modules/mod_security2.so <IfModule security2_module> SecRuleEngine On SecCollectionTimeout 15 SecDataDir /tmp SecDebugLog logs/modsec-debug-GLOBAL-initcol.log SecDebugLogLevel 9 SecRule REQUEST_COOKIES:SESSIONID !^$ phase:1,id:110,nolog,pass,setsid:%{REQUEST_COOKIES.SESSIONID} SecAction phase:1,id:111,nolog,pass,setvar:SESSION.my_counter=+1 SecAction phase:1,id:112,nolog,pass,initcol:global=counter SecAction phase:1,id:113,nolog,pass,setvar:global.counter=+1 </IfModule> send server some amount of requests sbin/ab -k -n 100 -c 80 -H "Cookie: SESSIONID=testid" http://127.0.0.1/ check errors presence at error_log grep "error" logs/error_log
    • Compatibility/Configuration, User Experience

    Description

      Using SecDataDir along with global.counter or SESSION.counter generates errors in error_log.

      [Thu Apr 27 05:39:10.111929 2017] [:error] [pid 12126] [client ::1:39910] [client ::1] ModSecurity: Could not set variable "SESSION.my_counter" as the collection does not exist. [hostname "localhost"] [uri "*"] [unique_id "WQG8PgoQW7sAAC9enFEAAAAQ"]
      [Thu Apr 27 05:39:11.113296 2017] [:error] [pid 12129] [client ::1:39912] [client ::1] ModSecurity: Could not set variable "SESSION.my_counter" as the collection does not exist. [hostname "localhost"] [uri "*"] [unique_id "WQG8PwoQW7sAAC9hznsAAAAT"]
      

      Attachments

        Activity

          People

            gzaronik@redhat.com George Zaronikas
            jonderka@redhat.com Jan Onderka
            Jan Onderka Jan Onderka
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: