[Owasp-modsecurity-core-rule-set] What does this mean
Dimitri Yioulos
dyioulos at firstbhph.com
Thu Dec 30 14:43:59 EST 2010
All,
With the installation of the latest rulesit, I'm
now getting the following alerts:
Warning - Sticky SessionID Data Changed -
User-Agent Mismatch. Access denied with code
403 (phase 2). Match of "streq %{SESSION.UA}"
against "TX:ua_hash" required.
Hope I'm not being too stupid here, but what does
that mean? Am I blocking legitimate traffic?
Better still, is there a place (documents, etc.)
that describes various alerts?
Thanks.
Dimitri
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the Owasp-modsecurity-core-rule-set
mailing list