View Single Post
  #10  
Old 13th September 2012, 17:57
Wisdown Wisdown is offline
Member
 
Join Date: Aug 2012
Posts: 82
Thanks: 7
Thanked 2 Times in 2 Posts
Default

After some reasearch i found where are the real logs of apache, seems they still on this place:

/var/log/ispconfig/httpd/mydomain.com/error.log

On the log i noticed this:

Quote:
[warn] RSA server certificate wildcard CommonName ( CN ) `*.mydomain.com' does NOT match server name!?

[warn] RSA server certificate wildcard CommonName ( CN ) `*.mydomain.com' does NOT match server name!?

[error] [client XXX.XXX.XXX.XXX] ModSecurity: Access_denied with code 403 (phase 4). Pattern match "(?:\\b( ?:f( ?:tp_( ?:nb_ ) ? ) )"
[Thu Sep 13 10:33:59 2012] [error] [client XXX.XXX.XXX.XXX] ModSecurity: Access denied with code 403 ( phase 4 ) . Pattern match "( ?:\\b ( ?:f ( ?:tp_( ?:nb_ ) ?f? ( ?:ge|pu ) t|get ( ?:s?s|c ) |scanf|write|open|read ) |gz( ? ?:encod|writ)e|compress|open|read)|s( ?:ession_start|candir ) |read ( ?: ( ?:gz ) ?file|dir ) |move_uploaded_file| ( ?roc_|bz ) open ) |\\$_( ?: ( ?os|ge ) t|session ) ) \\b" at RESPONSE_BODY. [file "/etc/apache2/mod-security/modsecurity_crs_50_outbound.conf"] [line "64"] [id "970015"] [msg "PHP source code leakage"] [severity "WARNING"] [tag "LEAKAGE/SOURCE_CODE"] [hostname "mydomain.com"] [uri "/phpmyadmin/Documentation.html"] [unique_id "UFHgx8CoZAMAAG5ETOUAAAAE"]
So the * certificate is useless then?
I mean, i will need do an new certificate specific for web.server.com, for db.server.com, etc... ???
Reply With Quote