From b90325cb718547189f8ac6d87aae22f7226b67f8 Mon Sep 17 00:00:00 2001 From: brenosilva Date: Wed, 24 Nov 2010 13:13:29 +0000 Subject: [PATCH] Better alert from SecReadStateLimit --- CHANGES | 2 +- apache2/mod_security2.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGES b/CHANGES index bc01726c..932a7a97 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,6 @@ 22 Nov 2010 - 2.5.13-dev3 - * Add SecReadStateLimit to limit the number of BUSY connections + * Add SecReadStateLimit to limit the number threads in BUSY connections per ip address * Fixed redirect action was not expanding macros in chained rules diff --git a/apache2/mod_security2.c b/apache2/mod_security2.c index 1e9ca804..4e14617c 100644 --- a/apache2/mod_security2.c +++ b/apache2/mod_security2.c @@ -1116,7 +1116,7 @@ static int hook_connection_early(conn_rec *conn) } if (ip_count > conn_read_state_limit) { - ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, "ModSecurity: Access denied with code 400. Too many connections [%d] of %ld allowed in READ state from %s - Possible DoS Consumption Attack [Rejected]", ip_count,conn_read_state_limit,conn->remote_ip); + ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, "ModSecurity: Access denied with code 400. Too many threads [%d] of %ld allowed in READ state from %s - Possible DoS Consumption Attack [Rejected]", ip_count,conn_read_state_limit,conn->remote_ip); return OK; } else { return DECLINED;