Directory index forbidden

Community support forums for the free/delayed modsecurity rules feed. There is no such thing as a bad question here as long as it pertains to using the delayed modsecurity rules feed. Newbies feel free to get help getting started or asking questions that may be obvious.
everclear
New Forum User
New Forum User
Posts: 4
Joined: Mon Jun 15, 2009 10:30 am

Directory index forbidden

Unread post by everclear »

Is it possible to tell mod_security not to log errors direct from Apache. I see client sites that have issues cause the following error..

Code: Select all

Apache-Error: [file "/builddir/build/BUILD/httpd-2.2.3/modules/generators/mod_autoindex.c"] [line 2274] [level 3] Directory index forbidden by Options directive: /path/to/dir/, referer: http://www.example.com/referer
Apache-Handler: httpd/unix-directory
These aren't really security issues and produce a lot of logging, especially in the Z section. Any advice appreciated.
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Re: Directory index forbidden

Unread post by scott »

In ASL these are classified as level 5 alerts and dont show up by default
everclear
New Forum User
New Forum User
Posts: 4
Joined: Mon Jun 15, 2009 10:30 am

Re: Directory index forbidden

Unread post by everclear »

AH. I guess I should take from your answer, that there is no way to stop it being logged.
faris
Long Time Forum Regular
Long Time Forum Regular
Posts: 2321
Joined: Thu Dec 09, 2004 11:19 am

Re: Directory index forbidden

Unread post by faris »

Yeah, our report emails are nearly 300Kb each, once per hour per machine, due to ossec logging everything. It is a PITA.

I understand that this issue is not going to happen in 2.2.6 though - I can't wait for it to come out :-)

It is in -testing if you want to have a go now.

Faris.
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
biggles
Forum Regular
Forum Regular
Posts: 806
Joined: Tue Jul 15, 2008 2:38 pm
Location: Sweden
Contact:

Re: Directory index forbidden

Unread post by biggles »

Sorry for asking what might be a stupid question, but but isn't there a rule number indicating which rule is being triggered? What about disabling/modifying that rule?
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Re: Directory index forbidden

Unread post by scott »

No because its not coming from mod_security, its just a general apache error code (401 auth denied, 403 from a directory index forbidden, etc)
aus-city
Forum Regular
Forum Regular
Posts: 685
Joined: Thu Oct 26, 2006 11:56 pm

Re: Directory index forbidden

Unread post by aus-city »

Set up a script using sed to remove them from the logs :)
Post Reply