[Owasp-modsecurity-core-rule-set] Errors

Aniyan Rajan aniyan.rajan6 at gmail.com
Mon Jul 21 05:32:12 UTC 2014


Anybody please help. What is this "Execution error - PCRE limits 
exceeded (-8): (null). " ?

I am getting this daily.

Thanks.

On 07/19/2014 06:49 PM, Aniyan Rajan wrote:
> Hello,
>
> I am getting the following errors in 
> /var/log/apache2/modsec_audit.log. Please tell me how to fix this. 
> Thanks.
>
>
> --1af2295a-A--
> [19/Jul/2014:12:51:12 +0000] U8ppwH8AAAEAABVXBoEAAAAB 61.3.165.175 
> 38386 128.222.122.22 80
> --1af2295a-B--
> GET /wp-includes/css/buttons.min.css?ver=3.9.1 HTTP/1.1
> Host: www.my-domain.com
> User-Agent: Mozilla/5.0 (X11; Linux i686; rv:30.0) Gecko/20100101 
> Firefox/30.0 Iceweasel/30.0
> Accept: text/css,*/*;q=0.1
> Accept-Language: en-US,en;q=0.5
> Accept-Encoding: gzip, deflate
> Referer: http://www.my-domain.com/wp-login.php?loggedout=true
> Cookie: wp-settings-time-1=1404924481; 
> wp-settings-1=libraryContent%3Dbrowse; 
> wordpress_test_cookie=WP+Cookie+check
> DNT: 1
> Connection: keep-alive
> If-Modified-Since: Tue, 25 Mar 2014 21:23:14 GMT
> If-None-Match: "411db-15bb-4f574f5b2f480"
>
> --1af2295a-F--
> HTTP/1.1 304 Not Modified
> Last-Modified: Tue, 25 Mar 2014 21:23:14 GMT
> ETag: "411db-15bb-4f574f5b2f480"
> Accept-Ranges: bytes
> Content-Length: 0
> Vary: Accept-Encoding
> Keep-Alive: timeout=5, max=91
> Connection: Keep-Alive
> Content-Type: text/css
>
> --1af2295a-E--
>
> --1af2295a-H--
> Message: Rule 7f14c7110280 [id "950901"][file 
> "/usr/share/modsecurity-crs/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"][line 
> "77"] - Execution error - PCRE limits exceeded (-8): (null).
> Message: Rule 7f14c7110280 [id "950901"][file 
> "/usr/share/modsecurity-crs/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"][line 
> "77"] - Execution error - PCRE limits exceeded (-8): (null).
> Message: Rule 7f14c7110280 [id "950901"][file 
> "/usr/share/modsecurity-crs/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"][line 
> "77"] - Execution error - PCRE limits exceeded (-8): (null).
> Message: Rule 7f14c7110280 [id "950901"][file 
> "/usr/share/modsecurity-crs/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"][line 
> "77"] - Execution error - PCRE limits exceeded (-8): (null).
> Stopwatch: 1405774272625367 8289 (- - -)
> Stopwatch2: 1405774272625367 8289; combined=7685, p1=238, p2=7371, 
> p3=1, p4=54, p5=21, sr=53, sw=0, l=0, gc=0
> Response-Body-Transformed: Dechunked
> Producer: ModSecurity for Apache/2.6.6 (http://www.modsecurity.org/); 
> OWASP_CRS/2.2.5; OWASP_CRS/2.2.5.
> Server: Apache
>
> --1af2295a-Z--
>
> --1af2295a-A--
> [19/Jul/2014:12:51:12 +0000] U8ppwH8AAAEAABWEO4kAAAAF 61.3.165.175 
> 38401 128.222.122.22 80
> --1af2295a-B--
> GET /wp-admin/css/login.min.css?ver=3.9.1 HTTP/1.1
> Host: www.my-domain.com
> User-Agent: Mozilla/5.0 (X11; Linux i686; rv:30.0) Gecko/20100101 
> Firefox/30.0 Iceweasel/30.0
> Accept: text/css,*/*;q=0.1
> Accept-Language: en-US,en;q=0.5
> Accept-Encoding: gzip, deflate
> Referer: http://www.my-domain.com/wp-login.php?loggedout=true
> Cookie: wp-settings-time-1=1404924481; 
> wp-settings-1=libraryContent%3Dbrowse; 
> wordpress_test_cookie=WP+Cookie+check
> DNT: 1
> Connection: keep-alive
> If-Modified-Since: Thu, 24 Apr 2014 22:05:16 GMT
> If-None-Match: "40f2c-47c8-4f7d10b42df00"
>
> --1af2295a-F--
> HTTP/1.1 304 Not Modified
> Last-Modified: Thu, 24 Apr 2014 22:05:16 GMT
> ETag: "40f2c-47c8-4f7d10b42df00"
> Accept-Ranges: bytes
> Content-Length: 0
> Vary: Accept-Encoding
> Keep-Alive: timeout=5, max=100
> Connection: Keep-Alive
> Content-Type: text/css
>
> --1af2295a-E--
>
> --1af2295a-H--
> Message: Rule 7f14c7110280 [id "950901"][file 
> "/usr/share/modsecurity-crs/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"][line 
> "77"] - Execution error - PCRE limits exceeded (-8): (null).
> Message: Rule 7f14c7110280 [id "950901"][file 
> "/usr/share/modsecurity-crs/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"][line 
> "77"] - Execution error - PCRE limits exceeded (-8): (null).
> Message: Rule 7f14c7110280 [id "950901"][file 
> "/usr/share/modsecurity-crs/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"][line 
> "77"] - Execution error - PCRE limits exceeded (-8): (null).
> Message: Rule 7f14c7110280 [id "950901"][file 
> "/usr/share/modsecurity-crs/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"][line 
> "77"] - Execution error - PCRE limits exceeded (-8): (null).
> Stopwatch: 1405774272887666 13250 (- - -)
> Stopwatch2: 1405774272887666 13250; combined=12096, p1=289, p2=11727, 
> p3=2, p4=55, p5=23, sr=72, sw=0, l=0, gc=0
> Response-Body-Transformed: Dechunked
> Producer: ModSecurity for Apache/2.6.6 (http://www.modsecurity.org/); 
> OWASP_CRS/2.2.5; OWASP_CRS/2.2.5.
> Server: Apache
>
> --1af2295a-Z--
>



More information about the Owasp-modsecurity-core-rule-set mailing list