You get blocked. The bluecoat proxy forwards your "X-forwarded for" header to the Google Reader, then, finally when you click on the link to come to my website, Google forwards your internal IP.
Which mod_security didn't like:
"!^(((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-
9][0-9]?)|)|unknown)$" at HEADER("X-FORWARDED-FOR")
It doesn't like you. I commented out the rule, so everything should be fine now.
2 comments:
What rules are you using? I think that the rule is not part of ModSecurity Core Rule Set, so many may not be using it. Do you have other rules you had to comment out?
Ofer Shezaf
ModSecurity Core Rule Set Project Leader
I don't think it's one of the default sets. I have many many many custom rules that I have received from all over the net. This is most likely one of those.
Post a Comment