ModSecurity: Output filter: Failed to read bucket

2019-02-17 01:24发布

问题:

I'm doing a POST request to a rest service made with django and piston uploading a file, but when I do the request i get this (strange?) error:

[Sun Jul 04 16:12:38 2010] [error] [client 79.39.191.166] ModSecurity: Output filter: Failed to read bucket (rc 104): Connection reset by peer [hostname "url"] [uri "/api/odl/"] [unique_id "TDEVZEPNBIMAAGLwU9AAAAAG"]

What does it mean? And how can I debug it?

回答1:

Output filtering is a way for an administrator to check all text that go through Apache for a specific set a strings, and then block those requests.

You have two options:

  1. Look at the mod_security filter rules inside your apache config.
  2. Remove half of your text from your output, and see if it works or not. If it did, the problem string is inside that block of text. Repeat with smaller and smaller chunks of text until you have found the offending string.


回答2:

I believe you need to implement CRSF protection as per https://docs.djangoproject.com/en/dev/ref/contrib/csrf/#ajax