Results 1 to 8 of 8
  1. #1
    Join Date
    Jan 2005
    Posts
    483

    mod_security blocks googlebot help please

    I installed mod_security on my apache and noticed from logs that it's blocking googlebot. I have this in my errorlog:

    [Tue Sep 05 08:15:06 2006] [error] [client 66.249.66.80] mod_security: Access denied with code 403. Pattern match "^$" at HEADER("Accept") [severity "EMERGENCY"]...

    I don't know what it exactly mean.
    Is there a way to enable googlebot permanently I mean by IP not by user-agent because it can be simply changed ?

  2. #2
    Find the reference to the ^$ line in your mod_security folder and comment it out. Then restart apache.

  3. #3
    Join Date
    Jan 2005
    Posts
    483
    I found another entry:

    [Tue Sep 05 08:32:01 2006] [error] [client 66.102.10.136] mod_security: Access denied with code 403. Pattern match "^$" at HEADER("User-Agent") [severity "EMERGENCY"].

    Is this empty user-agent ? that IP also belongs to Google

  4. #4
    Join Date
    Aug 2004
    Posts
    358
    I saw some exclusion rulesets at the following link that may help you.

    http://www.gotroot.com/tiki-index.ph...security+rules

  5. #5
    Go to your mod_security folder, then type:

    Code:
    # fgrep '^$' *
    That will show you where it's referenced. Add # before the questionable lines to comment them out.

  6. #6
    Join Date
    Jan 2005
    Posts
    483
    thanx tamar, I found references, I also looked on link posted by sonixi but there seems to be directory based exclusions.

  7. #7
    Join Date
    Jan 2005
    Posts
    483
    I added this line at the start of badips.conf. Seems that it helps but is this OK ?
    I mean syntax and where its placed.

    SecFilterSelective REMOTE_ADDR ^66\.249\.(.*)\.(.*) nolog,allow

  8. #8
    Join Date
    May 2002
    Location
    Kingston, Ontario
    Posts
    1,573
    Uhg the got-root ruleset is nasty, I wouldn't use that on a production box. I would only selectively use some of their rules with my own custom ones.
    Upload Guardian 2 - Malicious Upload Scanner - Windows and Linux!
    Instantly scan uploaded files
    Get notified when released

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •