Update to core rules 1.4.3

rules/blocking/modsecurity_crs_21_protocol_anomalies.conf

@@ -53,3 +53,10 @@ SecRule REQUEST_HEADERS:Content-Length "!^0$"
 # Check that the host header is not an IP address 
 #
 SecRule REQUEST_HEADERS:Host "^[\d\.]+$" "deny,log,auditlog,status:400,msg:'Host header is a numeric IP address', severity:'2',,id:'960017',"
+
+
+# Log a security event when the request is rejected by apache
+#
+SecRule RESPONSE_STATUS ^400$ "t:none,phase:5,chain,log,auditlog,msg:'Invalid request',,id:'960913',severity:'2'"
+SecRule WEBSERVER_ERROR_LOG !ModSecurity
+