ModSecurity 2.9.0-25.el6.art IPmatch: bad IPv4 specification

Customer support forums for Atomic Protector (formerly Atomic Secured Linux). There is no such thing as a bad question here as long as it pertains to using Atomic Protector. Newbies feel free to get help getting started or asking questions that may be obvious. Regular users are asked to be gentle. :-)
Post Reply
proinagltd1
Forum User
Forum User
Posts: 27
Joined: Wed Jul 20, 2011 4:17 am
Location: Eastbourne

ModSecurity 2.9.0-25.el6.art IPmatch: bad IPv4 specification

Unread post by proinagltd1 »

hello I have lots of the following errors since i did aum -u and asl -s -f last night.

ModSecurity: IPmatch: bad IPv4 specification ModSecurity: Rule processing failed.

looks like a lot are from GoogleBot & Bing ModSecurity IPs: IPmatch: bad IPv4 specification "crawl-66-249-64-29.googlebot.com".

i have:

Code: Select all

yum list mod_security
Loaded plugins: dellsysid, downloadonly, fastestmirror, security
Loading mirror speeds from cached hostfile
 * asl-4.0: www6.atomicorp.com
 * base: mirror.bytemark.co.uk
 * centosplus: mirrors.melbourne.co.uk
 * contrib: mirror.simwood.com
 * epel: mirror.bytemark.co.uk
 * extras: mirrors.melbourne.co.uk
 * tortix: www6.atomicorp.com
 * tortix-kernel: www6.atomicorp.com
 * updates: mirror.bytemark.co.uk
 * webtatic: uk.repo.webtatic.com
Installed Packages
mod_security.x86_64                 1:2.9.0-25.el6.art                  @asl-4.0
Top
User avatar
mikeshinn
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 4149
Joined: Thu Feb 07, 2008 7:49 pm
Location: Chantilly, VA

Re: ModSecurity 2.9.0-25.el6.art IPmatch: bad IPv4 specifica

Unread post by mikeshinn »

You want to use the new lua based rules, just change these settings in the ASL gui to no:

MODSEC_00_SEARCHENGINE
MODSEC_00_AUTOWHITELIST_SEARCHENGINE

And this setting to yes:

WAF_LUA_00_SEARCHENGINE
Top
Post Reply

Return to “Atomic Protector (formerly ASL)”