Mod_security is sometimes blocking my ajax script - how can I find out why?

Question

I\'ve built some kind of CMS application using php and mysql. Everything has worked perfectly on localhost, so I\'ve moved it to the web. Now I\'m experiencing strange probl

Answer 1

mod_security is able to log all blocks in a log file. You can see in that log file exactly what rule it was.

Answer 2

In most cases I use the log file as pointed out by Emil.

mod_Security creates two separate log files and also Apache reports the error in its own logs. Both can be useful. Actually, if you find the error in Apache it should give you the mod_security file and line number of the rule that prevented your POST to work.

Now, in most cases they detected an invalid header, generally something's missing that is expected by the HTTP protocol (although they test some things that are not required but are there 99.9% of the time.)

Of the two files offered by mod_security, it is not unlikely that one of them is not created: the audit file which uses a very large amount of disk space as it writes all the details of the transaction to disk.

In case of a POST, the number of variables or if a variable is not correctly defined is a common error detected by mod_security.

On Ubuntu (Debian) the log files end up under /var/log/apache2/... (Apache output) and /var/log/apache2-more/... (mod_security).