which rules are triggering?
Posted: Wed Mar 16, 2011 10:42 pm
I am seeing activity in the logs which shows clients getting blocked where I know this activity should be ok.
Also I am unable to view the server-status page even with my IP in the whitelist.
How can I tell which rules are getting triggered?
Here are audit_log entries:
Also I am unable to view the server-status page even with my IP in the whitelist.
How can I tell which rules are getting triggered?
Here are audit_log entries:
Code: Select all
www.smallgod.net 76.14.57.52 - - [16/Mar/2011:19:28:39 --0700] "GET /server-info/ HTTP/1.1" 404 65113 "-" "-" a09nJkgKIkkAAHcHtyMAAAAG "-" /20110316/20110316-1928/20110316-192839-a09nJkgKIkkAAHcHtyMAAAAG 0 2623285 md5:97422f5878bbf22bff3c8064c93883e0
make-one.co 76.90.211.164 - - [16/Mar/2011:19:30:06 --0700] "GET /contact-subscribe/?visual-editor=true HTTP/1.1" 500 37743 "-" "-" cIUdoUgKIkkAABzaEw0AAAAA "-" /20110316/20110316-1930/20110316-193006-cIUdoUgKIkkAABzaEw0AAAAA 0 2246 md5:77c3ff3123167de4bbd25054a242d13f
www.smallgod.net 76.14.57.52 - - [16/Mar/2011:19:30:11 --0700] "GET /server-status/ HTTP/1.1" 401 1214 "-" "-" cNlfvEgKIkkAAHb@qTkAAAAF "-" /20110316/20110316-1930/20110316-193011-cNlfvEgKIkkAAHb@qTkAAAAF 0 1433 md5:056355727a4514ca1cec861e6d8b8108
www.foncocreative.net 87.118.102.188 - - [16/Mar/2011:19:31:33 --0700] "POST /indieforum/posting.php?mode=reply&f=3&sid=a799a44077287a32f9e2e005848da54e&t=1353 HTTP/1.0" 403 962 "-" "-" dbi8skgKIkkAAD1vOrsAAAAC "-" /20110316/20110316-1931/20110316-193133-dbi8skgKIkkAAD1vOrsAAAAC 0 9731 md5:fc9582a87c8deb6c777e3583eaf29c28
make-one.co 76.90.211.164 - - [16/Mar/2011:19:33:01 --0700] "GET /contact-subscribe/?visual-editor=true HTTP/1.1" 500 37690 "-" "-" evClw0gKIkkAAHcN3kEAAAAJ "-" /20110316/20110316-1933/20110316-193301-evClw0gKIkkAAHcN3kEAAAAJ 0 2246 md5:0373ad735f3029bb532e22f835236ee5
make-one.co 76.90.211.164 - - [16/Mar/2011:19:37:08 --0700] "GET /contact-subscribe/?visual-editor=true HTTP/1.1" 500 37659 "-" "-" iaZmnEgKIkkAAGcbZ6AAAAAA "-" /20110316/20110316-1937/20110316-193708-iaZmnEgKIkkAAGcbZ6AAAAAA 0 2221 md5:015d8f335f581528770ee310140b52e5