Missing accept header
-
I’m using this plugin to make my http://www.domain.com and https://subdomain.domain.com work alongside. I’m also using RAMP Deployment plugin to more the post images from development to live site.
The problem that i’m facing is, when I use the HTTPS plugin Apache mod security is blocking request on the live server during my deployment for images. Reason been my request is missing an Accept Header. It work if I deactivate the plugin.
Request example:
[10/Jun/2014:19:26:19 –0600] U5ewOQoBEC0AACalGqQAAAAK 75.183.104.64 46449 10.1.18.72 80
–eed87b3c-B–
GET /wp-content/uploads/image.png HTTP/1.1
Accept-Encoding: gzip, deflate
Host: http://www.domain.com <http://www.domain.com>
User-Agent: null (FlipboardProxy/1.1; +http://flipboard.com/browserproxy)
Connection: close–eed87b3c-F–
HTTP/1.1 200 OK
Last-Modified: Tue, 10 Jun 2014 16:23:52 GMT
ETag: “1221b1-bf3ab-4fb7dc0ea67d9”
Accept-Ranges: bytes
Content-Length: 783275
Connection: close
Content-Type: image/png–eed87b3c-H–
Message: Warning. Match of “rx ^OPTIONS$” against “REQUEST_METHOD” required. [file “/etc/modsecurity/modsecurity/modsecurity_crs_21_protocol_anomalies.con
f”] [line “42”] [id “960015”] [msg “Request Missing an Accept Header”] [severity “CRITICAL”]
Stopwatch: 1402449977958054 1505899 (- – -)
Stopwatch2: 1402449977958054 1505899; combined=735, p1=1, p2=609, p3=63, p4=36, p5=26, sr=37, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.6.3 (http://www.modsecurity.org/).
Server: Apache
- The topic ‘Missing accept header’ is closed to new replies.