-
Marie
- Junior Member
- Posts: 26
- Joined: 15 Dec 2006, 16:16
-
Contact:
Post
by Marie »
Hi Chirpy
I changed your regex.pm a little to not block all mod_security related entries as some IPs were getting blocked for "Access Allowed", for example
My rule is now :
Code: Select all
if (($config{LF_MODSEC}) and ($line =~ /\[client (.*)\] mod_security: Access denied/)) {
return ("mod_security triggered by",$1,"mod_security");
But I guess it will be overwritten with the next csf update... maybe you could consider to change the regex.pm by default ?
Thank you once more for this fantastic tool !
-
chirpy
- Moderator
- Posts: 3537
- Joined: 09 Dec 2006, 18:13
Post
by chirpy »
It'd changed after some work with mod_security v1. I've reverted it back to how it was for csf v2.54 now
-
Marie
- Junior Member
- Posts: 26
- Joined: 15 Dec 2006, 16:16
-
Contact:
Post
by Marie »
Great to hear ! Thank you so much !