Can anybody tell me what these rule violations mean? or at least point me to a useful resource.
An app I wrote was working perfectly until yesterday. On further investigation I got the following from the hosting company. I have seen the offending rules to be 340006 and 340007.
I quickly went to the hardened-PHP website to find out what it means. On the troubleshooting page I got:
This page will later be filled with information about problems with other extensions.
I duly clicked the support forum link and got:
We are in the process of moving this site. Therefore the forums are temporarily down for maintenance. Please try again in a few days.
Ah problem. Not even Google Search could help me.
NOTE: Add cursing, screaming and kicking as necessary :).
These violations come from mod_security. They mean your site has a path recursion in the URI:
Rule 340006: generic recursion signatures
SecRule REQUEST_URI "!(?:alt_mod_frameset.php|checkout_shipping.php)" \ "t:normalisePath,id:340006,rev:4,severity:2,msg:'Generic Path Recursion denied', chain" SecRule REQUEST_URI "../../"
Rule 340007: generic recursion signatures
SecRule REQUEST_URI ".\|./.\|./.\|" \ "t:normalisePath,id:340007,rev:1,severity:2,msg:'Generic Path Recursion denied'"
source: http://static.askapache.com/htaccess-files/modsec-htaccess/10_asl_rules.conf