Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Initialising transaction (txid XMyFyWdPpz9cuNemUHJz2QAAAAA).
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Transaction context created (dcfg 7ff29ebd1f10).
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Starting phase REQUEST_HEADERS.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][9] This phase consists of 2 rule(s).
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Recipe: Invoking rule 7ff29da74c20; [file "/etc/modsecurity/modsecurity.conf"] [line "23"] [id "200000"].
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][5] Rule 7ff29da74c20: SecRule "REQUEST_HEADERS:Content-Type" "@rx (?:application(?:/soap\\+|/)|text/)xml" "phase:1,auditlog,id:200000,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML"
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Rule returned 0.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][9] No match, not chained -> mode NEXT_RULE.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Recipe: Invoking rule 7ff29da729e0; [file "/etc/modsecurity/modsecurity.conf"] [line "30"] [id "200001"].
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][5] Rule 7ff29da729e0: SecRule "REQUEST_HEADERS:Content-Type" "@rx application/json" "phase:1,auditlog,id:200001,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON"
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Rule returned 0.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][9] No match, not chained -> mode NEXT_RULE.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Second phase starting (dcfg 7ff29ebd1f10).
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Input filter: This request does not have a body.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Starting phase REQUEST_BODY.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][9] This phase consists of 4 rule(s).
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Recipe: Invoking rule 7ff29da70180; [file "/etc/modsecurity/modsecurity.conf"] [line "60"] [id "200002"].
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][5] Rule 7ff29da70180: SecRule "REQBODY_ERROR" "!@eq 0" "phase:2,auditlog,id:200002,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:%{reqbody_error_msg},severity:2"
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Transformation completed in 1 usec.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Executing operator "!eq" with param "0" against REQBODY_ERROR.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][9] Target value: "0"
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Operator completed in 7 usec.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Rule returned 0.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][9] No match, not chained -> mode NEXT_RULE.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Recipe: Invoking rule 7ff29da71df8; [file "/etc/modsecurity/modsecurity.conf"] [line "81"] [id "200003"].
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][5] Rule 7ff29da71df8: SecRule "MULTIPART_STRICT_ERROR" "!@eq 0" "phase:2,auditlog,id:200003,t:none,log,deny,status:400,msg:'Multipart request body failed strict validation: PE %{REQBODY_PROCESSOR_ERROR}, BQ %{MULTIPART_BOUNDARY_QUOTED}, BW %{MULTIPART_BOUNDARY_WHITESPACE}, DB %{MULTIPART_DATA_BEFORE}, DA %{MULTIPART_DATA_AFTER}, HF %{MULTIPART_HEADER_FOLDING}, LF %{MULTIPART_LF_LINE}, SM %{MULTIPART_MISSING_SEMICOLON}, IQ %{MULTIPART_INVALID_QUOTING}, IP %{MULTIPART_INVALID_PART}, IH %{MULTIPART_INVALID_HEADER_FOLDING}, FL %{MULTIPART_FILE_LIMIT_EXCEEDED}'"
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Transformation completed in 1 usec.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Executing operator "!eq" with param "0" against MULTIPART_STRICT_ERROR.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][9] Target value: "0"
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Operator completed in 1 usec.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Rule returned 0.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][9] No match, not chained -> mode NEXT_RULE.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Recipe: Invoking rule 7ff29da6ad18; [file "/etc/modsecurity/modsecurity.conf"] [line "86"] [id "200004"].
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][5] Rule 7ff29da6ad18: SecRule "MULTIPART_UNMATCHED_BOUNDARY" "!@eq 0" "phase:2,auditlog,id:200004,t:none,log,deny,msg:'Multipart parser detected a possible unmatched boundary.'"
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Transformation completed in 0 usec.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Executing operator "!eq" with param "0" against MULTIPART_UNMATCHED_BOUNDARY.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][9] Target value: "0"
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Operator completed in 4 usec.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Rule returned 0.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][9] No match, not chained -> mode NEXT_RULE.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Recipe: Invoking rule 7ff29da66728; [file "/etc/modsecurity/modsecurity.conf"] [line "100"] [id "200005"].
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][5] Rule 7ff29da66728: SecRule "TX:/^MSC_/" "!@streq 0" "phase:2,log,auditlog,id:200005,t:none,deny,msg:'ModSecurity internal error flagged: %{MATCHED_VAR_NAME}'"
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Rule returned 0.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][9] No match, not chained -> mode NEXT_RULE.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Hook insert_filter: Adding output filter (r 7ff2a0e610a0).
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e610a0][/][4] Initialising logging.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec76a20][/index.php][4] Starting phase LOGGING.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec76a20][/index.php][9] This phase consists of 0 rule(s).
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec76a20][/index.php][4] Recording persistent data took 0 microseconds.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec76a20][/index.php][4] Audit log: Logging this transaction.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Initialising transaction (txid XMyFyWdPpz9cuNemUHJz2gAAAAA).
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Transaction context created (dcfg 7ff29ebd1f10).
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Starting phase REQUEST_HEADERS.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][9] This phase consists of 2 rule(s).
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Recipe: Invoking rule 7ff29da74c20; [file "/etc/modsecurity/modsecurity.conf"] [line "23"] [id "200000"].
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][5] Rule 7ff29da74c20: SecRule "REQUEST_HEADERS:Content-Type" "@rx (?:application(?:/soap\\+|/)|text/)xml" "phase:1,auditlog,id:200000,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML"
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Rule returned 0.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][9] No match, not chained -> mode NEXT_RULE.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Recipe: Invoking rule 7ff29da729e0; [file "/etc/modsecurity/modsecurity.conf"] [line "30"] [id "200001"].
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][5] Rule 7ff29da729e0: SecRule "REQUEST_HEADERS:Content-Type" "@rx application/json" "phase:1,auditlog,id:200001,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON"
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Rule returned 0.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][9] No match, not chained -> mode NEXT_RULE.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Second phase starting (dcfg 7ff29ebd1f10).
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Input filter: This request does not have a body.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Starting phase REQUEST_BODY.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][9] This phase consists of 4 rule(s).
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Recipe: Invoking rule 7ff29da70180; [file "/etc/modsecurity/modsecurity.conf"] [line "60"] [id "200002"].
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][5] Rule 7ff29da70180: SecRule "REQBODY_ERROR" "!@eq 0" "phase:2,auditlog,id:200002,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:%{reqbody_error_msg},severity:2"
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Transformation completed in 1 usec.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Executing operator "!eq" with param "0" against REQBODY_ERROR.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][9] Target value: "0"
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Operator completed in 1 usec.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Rule returned 0.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][9] No match, not chained -> mode NEXT_RULE.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Recipe: Invoking rule 7ff29da71df8; [file "/etc/modsecurity/modsecurity.conf"] [line "81"] [id "200003"].
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][5] Rule 7ff29da71df8: SecRule "MULTIPART_STRICT_ERROR" "!@eq 0" "phase:2,auditlog,id:200003,t:none,log,deny,status:400,msg:'Multipart request body failed strict validation: PE %{REQBODY_PROCESSOR_ERROR}, BQ %{MULTIPART_BOUNDARY_QUOTED}, BW %{MULTIPART_BOUNDARY_WHITESPACE}, DB %{MULTIPART_DATA_BEFORE}, DA %{MULTIPART_DATA_AFTER}, HF %{MULTIPART_HEADER_FOLDING}, LF %{MULTIPART_LF_LINE}, SM %{MULTIPART_MISSING_SEMICOLON}, IQ %{MULTIPART_INVALID_QUOTING}, IP %{MULTIPART_INVALID_PART}, IH %{MULTIPART_INVALID_HEADER_FOLDING}, FL %{MULTIPART_FILE_LIMIT_EXCEEDED}'"
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Transformation completed in 0 usec.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Executing operator "!eq" with param "0" against MULTIPART_STRICT_ERROR.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][9] Target value: "0"
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Operator completed in 0 usec.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Rule returned 0.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][9] No match, not chained -> mode NEXT_RULE.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Recipe: Invoking rule 7ff29da6ad18; [file "/etc/modsecurity/modsecurity.conf"] [line "86"] [id "200004"].
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][5] Rule 7ff29da6ad18: SecRule "MULTIPART_UNMATCHED_BOUNDARY" "!@eq 0" "phase:2,auditlog,id:200004,t:none,log,deny,msg:'Multipart parser detected a possible unmatched boundary.'"
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Transformation completed in 0 usec.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Executing operator "!eq" with param "0" against MULTIPART_UNMATCHED_BOUNDARY.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][9] Target value: "0"
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Operator completed in 0 usec.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Rule returned 0.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][9] No match, not chained -> mode NEXT_RULE.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Recipe: Invoking rule 7ff29da66728; [file "/etc/modsecurity/modsecurity.conf"] [line "100"] [id "200005"].
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][5] Rule 7ff29da66728: SecRule "TX:/^MSC_/" "!@streq 0" "phase:2,log,auditlog,id:200005,t:none,deny,msg:'ModSecurity internal error flagged: %{MATCHED_VAR_NAME}'"
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Rule returned 0.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][9] No match, not chained -> mode NEXT_RULE.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Hook insert_filter: Adding output filter (r 7ff29ec760a0).
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff29ec760a0][/_wdt/1fa1d6][4] Initialising logging.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e61c80][/index.php][4] Starting phase LOGGING.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e61c80][/index.php][9] This phase consists of 0 rule(s).
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e61c80][/index.php][4] Recording persistent data took 0 microseconds.
- [03/May/2019:20:17:45 +0200] [localhost/sid#7ff29da5a948][rid#7ff2a0e61c80][/index.php][4] Audit log: Logging this transaction.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement