One of the apache rule for the resolution of API seems to be that addresses of request cannot be numeric.
I commented the rule out... But I should take a look whether there is no better solution.
To find the rule posing the problem I looked at the logs in: /etc/httpd/logs/error_log.
There was a line:
[Fri May 09 02:09:51 2008] [error] [client xxx.xxx.x.xxx] ModSecurity: Access denied with code 400 (phase 2). Pattern match "^[\\\\d\\\\.]+$" at REQUEST_HEADERS:Host. [id "960017"] [msg "Host header is a numeric IP address"] [severity "CRITICAL"] [hostname "xxx.xxx.x.xxx"] [uri "/ajaxmp"] [unique_id "BFUWMX8AAAEAAA8ewlgAAAAC"]
I then did a grep:
$> grep 960017 /etc/httpd/modsecurity.d/*.conf /etc/httpd/modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf:SecRule REQUEST_HEADERS:Host "^[\d\.]+$" "deny,log,auditlog,status:400,msg:'Host header is a numeric IP address', severity:'2',id:'960017'"I had found the rule causing the problem and commented it out. I hope there is a beeter solution, perhaps a better rule ???
