Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SecStatusEngine: StatusEngine sends invalid hostname and fails (ModSec 2.8.0 on Apache 2.2.27) #714

Closed
skurtn opened this issue May 5, 2014 · 1 comment
Closed

SecStatusEngine: StatusEngine sends invalid hostname and fails (ModSec 2.8.0 on Apache 2.2.27) #714

skurtn opened this issue May 5, 2014 · 1 comment
Assignees
@zimmerle
Labels
bug It is a confirmed bug
Milestone
v2.9.0-RC1

Comments

@skurtn
Copy link
Contributor

skurtn commented May 5, 2014

NOTE: I replaced our unique id with all X's, then re-encoded with Base32, because I'm unsure as to the privacy implications of the unique id. Otherwise, this error condition is identical in our error logs.

Apache 2.2.7 error_log output:

[Mon May 05 12:13:55 2014] [notice] ModSecurity: StatusEngine call: "2.8.0,Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4,1.5.0/1.5.0,8.21/8.21 2011-12-12,Lua 5.1,2.9.0,XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX”
[Mon May 05 12:13:55 2014] [notice] ModSecurity: StatusEngine call failed. Query: GIXDQLRQFRAXAYLDNBSS6MROGIXDENZA.FBKW42LYFEQG233EL5ZXG3BPGIXDELRS.G4QE64DFNZJVGTBPGEXDALRRMUWWM2LQ.OMQG233EL5RHO3DJNVUXIZLEF4YS4NBM.GEXDKLRQF4YS4NJOGAWDQLRSGEXTQLRS.GEQDEMBRGEWTCMRNGEZCYTDVMEQDKLRR.FQZC4OJOGAWFQWCYLBMFQWCYLBMFQWCY.LBMFQWCYLBMFQWCYLBMFQWCYLBMFQWCY.LBMFQWCYLBMA.1399310035.status.modsecurity.org

Command-line host output:

$ host GIXDQLRQFRAXAYLDNBSS6MROGIXDENZA.FBKW42LYFEQG233EL5ZXG3BPGIXDELRS.G4QE64DFNZJVGTBPGEXDALRRMUWWM2LQ.OMQG233EL5RHO3DJNVUXIZLEF4YS4NBM.GEXDKLRQF4YS4NJOGAWDQLRSGEXTQLRS.GEQDEMBRGEWTCMRNGEZCYTDVMEQDKLRR.FQZC4OJOGAWFQWCYLBMFQWCYLBMFQWCY.LBMFQWCYLBMFQWCYLBMFQWCYLBMFQWCY.LBMFQWCYLBMA.1399310035.status.modsecurity.org
host: 'GIXDQLRQFRAXAYLDNBSS6MROGIXDENZA.FBKW42LYFEQG233EL5ZXG3BPGIXDELRS.G4QE64DFNZJVGTBPGEXDALRRMUWWM2LQ.OMQG233EL5RHO3DJNVUXIZLEF4YS4NBM.GEXDKLRQF4YS4NJOGAWDQLRSGEXTQLRS.GEQDEMBRGEWTCMRNGEZCYTDVMEQDKLRR.FQZC4OJOGAWFQWCYLBMFQWCYLBMFQWCY.LBMFQWCYLBMFQWCYLBMFQWCYLBMFQWCY.LBMFQWCYLBMA.1399310035.status.modsecurity.org' is not a legal name (ran out of space)
@zimmerle zimmerle added this to the v2.8.1-RC1 milestone May 6, 2014
@zimmerle zimmerle self-assigned this May 6, 2014
zimmerle pushed a commit that referenced this issue Nov 4, 2014
Trims long `apache version' in the status call
09eec10 
As reported at #714 status calls with long `apache version' name was broken.
DNS queries cannot be so long. This field is now limited to 25 characters
which is a valid size when encoded into base32
@zimmerle
Copy link
Contributor

zimmerle commented Nov 4, 2014

Closed in our branch "master".

@zimmerle zimmerle closed this as completed Nov 4, 2014
zimmerle pushed a commit that referenced this issue Nov 14, 2014
Trims long `apache version' in the status call
8305600 
As reported at #714 status calls with long `apache version' name was broken.
DNS queries cannot be so long. This field is now limited to 25 characters
which is a valid size when encoded into base32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@zimmerle zimmerle

Labels
bug It is a confirmed bug
Projects
None yet
Milestone
v2.9.0-RC1
Development

No branches or pull requests
2 participants
@zimmerle @skurtn