Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: Mod_Security and CDIR addresses |
|
| Author |
|
coronad0
Joined: 12 May 2015
Posts: 3
Location: CO
|
 Posted: Tue 23 Aug '16 17:41 Post subject: Mod_Security and CDIR addresses |
 |
|
We do quite a bit of IP blocking in mod_sec using:
SecRULE REMOTE_ADDR "@ipMatchFromFile blah.txt"
And I've run into a bug where any CIDR address that ends in /32, meaning just the single IP, or any address that ends with a single digit, like /8, throws an error when performing a httpd -t for validation.
I've found a work around in our ip match files for /32 addresses by just deleting the /32, but for the single digits, as in the case of /8, I have no work around and that /8 represents some 8.3 million addresses. A pretty huge security risk for a block I need to add.
Anyone else run into this or find a work around? |
|
| Back to top |
|
admin
Site Admin
Joined: 15 Oct 2005
Posts: 692
|
|
| Back to top |
|
|
|
|
|
|
