Videocache is no longer in development.
[error] [client 127.0.0.1] ModSecurity: Access denied with code 400 (phase 2). Pattern match __^[\\\\d\\\\.]+$__ at REQUEST_HEADERS:Ho
by Anonymous on 13 Feb 2009I'm running fedora 10 and it seems apache's mod_security is having an issue with loading videos from localhost ip 127.0.0.1. I get that error about unable to load video, etc.
I ran tail -f /var/log/httpd/error_log.
Here's my apache info from the log:
Apache/2.2.10 (Unix) DAV/2 PHP/5.2.6 mod_ssl/2.2.10 OpenSSL/0.9.8g Apache/2.2.0 (Fedora) configured.
The interesting error I am getting is as follows:
[error] [client 127.0.0.1] ModSecurity: Access denied with code 400 (phase 2). Pattern match "^[\\\\d\\\\.]+$" at REQUEST_HEADERS:Host. [file "/etc/httpd/modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf"] [line "60"] [id "960017"] [msg "Host header is a numeric IP address"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/IP_HOST"] [hostname "127.0.0.1"] [uri "/videocache/youtube/sY7aYXY9TQo"] [unique_id "SZTPnH8AAAEAAEAVQigAAAAA"].
The work around I did was to comment out line 60 from /etc/httpd/modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf.:
# Check that the host header is not an IP address
#
#SecRule REQUEST_HEADERS:Host "^[\\d\\.]+$" "phase:2,t:none,deny,log,auditlog,status:400,msg:'Host header is a numeric IP address', severity:'2',id:'960017',ta#g:'PROTOCOL_VIOLATION/IP_HOST'".
That works, the videos will load from 127.0.0.1, but I don't like changing mod_security because I'm an apache noob.
Is this a know issue? Know of a better solution for me?
I don't know if this is relevant but my /etc/hosts file is as follows:
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost localhost
::1 localhost6.localdomain6 localhost6
1 Answers