a script i’m suing keeps giving an error 503, looked in the erro log and i have it says mod_security apparently prevented it from running because of a pattern match. looking at the pattern, from my understanding, it matched this:
at least one | followed by any char(s) (or no char at all), followed by a space, then any (or no) char(s), then another |
and it deemed that a security risk?..
i must have that wrong tho because the script work half the time, with a query string that always contains two pipe chars.
[Fri Mar 10 06:35:54 2006] [error] [client 18.104.22.168] mod_security: Access denied with code 503. Pattern match “\|+.[\x20].[\x20].*\|” at THE_REQUEST. blah blah blah
another question this brings up, is why my error log is not up-to-date. for some reason i have an error.log that was only last updated hours ago. it only has some “file not found errors”. the errors i mention above are in another access.log.2006-03-10 which obviously was not updated since yesterday. dunno why considering i’ve received the above error a few times today while trying to solve the problem. are the logs only updated once a day somehow?