Acme Evil

The apache web server at Fedora Core 9 has default setting by used mod_security. After we normal install apache web server, we can't use http://ip.address/ to connect and must use http://ip.address:80 or http://hostname.domain/ . It's caused by the apache security setting with mod_security. We can disable it.

#vi /etc/httpd/modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf

and find the line

SecRule REQUEST_HEADERS:Host "^[\d\.]+$" "deny,log,auditlog,status:400,msg:'Host header is a numeric IP address', severity:'2',id:'960017'"

use # to mark(disable) it.

#service httpd restart

then you can use ip address to visit it.

----------------------------------------

裝好Fedora Core 9之後，打開appache server發現無法使用IP直接訪問網站，必須使用http://ip:80 或者是 http://hostname.doamain才行。查了文件才發現原來是新版本的有加上mod_security 的功能，然後在看一下mod_security的設定，發現只要取消某一項規則就可以了。

#vi /etc/httpd/modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf

找到下面這一行敘述

SecRule REQUEST_HEADERS:Host "^[\d\.]+$" "deny,log,auditlog,status:400,msg:'Host header is a numeric IP address', severity:'2',id:'960017'"

把它mark起來(在最前頭加個#)

#service httpd restart

重新啟動httpd之後，就可以直接使用IP瀏覽網站了。

P.S.：有關ModSecurity的文件，可至ModSecurity® Reference Manual