使用http:// hostname工作从另一台计算机访问apache但是http:// ipaddress给403禁止

时间:2018-03-13 18:17:36

标签: http-status-code-403 apache2.4 windows-subsystem-for-linux

我使用Apache Version 2.4.7(Ubuntu)[IP:192.168.1.10]在Windows 10上运行WSL,使用http://192.168.1.10从IP:192.168.1.107访问时出现403禁止错误,但是, http://mmtserver有效。当我从.107 ping mmtserver时,它给了我来自fe80 :: 65a5:53a6的回复:cf99:5644%6 [也许是IPv6问题?]。我已经尝试了一些关于允许,拒绝和允许所有人的变化,但是继续提出403s。我用Google搜索并搜索了类似的stackoverflow 403问题,但似乎无法找到适合我的解决方案。有什么建议吗?

以下是/ etc / hosts,/ etc / apache2 / apache.conf,/ etc / apache2 / enable-sites / 000-default.conf和/etc/apache2/ports.conf.

的/ etc /主机

imagesc

/etc/apache2/apache2.conf中

127.0.0.1       localhost
192.168.1.10    mmtserver

/etc/apache2/ports.conf 

ServerName 192.168.1.10:80
<Directory />
        Options Indexes FollowSymLinks Includes ExecCGI
        AllowOverride None
        Require all granted
</Directory>

<Directory /usr/share>
        AllowOverride None
        Require all granted
</Directory>

<Directory /var/www/>
        Options Indexes FollowSymLinks Includes ExecCGI
        AllowOverride All
        Require all granted
</Directory>

的/ etc / apache2的/网站启用/ 000-默认

Listen 192.168.1.10:80

1 个答案:

答案 0 :(得分:0)

的/ var /数/ apache2的/ error_log中

[Thu Mar 15 08:01:14.560826 2018] [:error] [pid 848] [client 192.168.1.107] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/usr/share/modsecurity-crs/base_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "98"] [id "960017"] [rev "2"] [msg "Host header is a numeric IP address"] [data "192.168.1.10"] [severity "WARNING"] [ver "OWASP_CRS/2.2.8"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [tag "http://technet.microsoft.com/en-us/magazine/2005.01.hackerbasher.aspx"] [hostname "192.168.1.10"] [uri "/favicon.ico"] [unique_id "Wqpumn8AAQEAAANQZyMAAAAA"]

/usr/share/modsecurity-crs/base_rules/modsecurity_crs_21_protocol_anomalies.conf中的第98行注释

#SecRule REQUEST_HEADERS:Host "^[\d.:]+$" "phase:2,rev:'2',ver:'OWASP_CRS/2.2.8',maturity:'9',accuracy:'9',t:none,block,msg:'Host header is a numeric IP address',logdata:'%{matched_var}',severity:'4',id:'960017',tag:'OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST',tag:'WASCTC/WASC-21',tag:'OWASP_TOP_10/A7',tag:'PCI/6.5.10',tag:'http://technet.microsoft.com/en-us/magazine/2005.01.hackerbasher.aspx',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.warning_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/POLICY/IP_HOST-%{matched_var_name}=%{matched_var}"

重新启动apache2,http://ipaddress现在正常工作

相关问题
最新问题