1

Apache mod_security: Protocol anomaly being triggered by Mod_PageSpeed. FP?

view story
linux-howto

http://unix.stackexchange.com – I have this same problem but i couldn't find an answer: We run Google mod_pagespeed to improve performance through caching and HTML/CSS re-writing. The following rule has triggered: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsecurity.d/crs/base_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "47"] [id "960015"] [rev "2.2.1"] [msg "Request Missing an Accept Header"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] On inspecti (HowTos)