Webalizer & Fedora8 : blocked stats

Discussion in 'Developers' Forum' started by Vaddiszno, Oct 7, 2008.

  1. Vaddiszno

    Vaddiszno New Member

    Hi

    I am using ISPConfig with webalizer on Fedora 8. I was able to view the statistics generated by webalizer before.
    After some ISPConfig and Fedora 8 update cycles, I can't do that anymore.
    After the usual login (username/pass) at www.xxxxx.com/stats, I am getting this error message:

    404 Error - File not found!
    The following error occurred:
    The requested URL was not found on this server.
    Please check the URL or contact the Webmaster.

    The file index.html is definitely there.

    I've done some experimenting, and the problem is as follows:

    Each html file generated by webalizer contains the line
    <!-- Generated by The Webalizer Ver. 2.01-10 -->

    However, the file

    /etc/httpd/modsecurity.d/modsecurity_crs_50_outbound.conf

    contains the line

    # Statistics pages revealed
    SecRule RESPONSE_BODY "\b(?:Th(?:is (?:summary was generated by.{0,100}?(?:w(?:ebcruncher|wwstat)|analog|Jware)|analysis was produced by.{0,100}?(?:calamaris|EasyStat|analog)|report was generated by WebLog)|ese statistics were produced by (?:getstats|PeLAB))|[gG]enerated by.{0,100}?[Ww]ebalizer)\b" \
    "phase:4,t:none,ctl:auditLogParts=+E,deny,log,auditlog,status:404,msg:'Statistics Information Leakage',id:'970002',severity:'4'"

    So this denies sending the .html files generated by webalizer over the httpd server.

    I didn't want to make a workaround for this just for myself; I just want to suggest fixing it.
     
  2. falko

    falko Super Moderator Howtoforge Staff

    I think you can turn this off in webalizer.conf somewhere.
     
  3. papokergod

    papokergod New Member

    This can be fixed by adding the line

    SecRule REMOTE_ADDR "^xxx.xxx.xxx.xxx$" phase:1,nolog,allow,ctl:ruleEngine=Off,ctl:auditEngine=Off

    where xxx.xxx.xxx.xxx is the external "real" IP you want to allow webalizer stats to be shown to.

    I would recommend this, as it will still let you block the stats from unwanted visitors/hacks, instead of removing the line, which falko recommended.
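
A narrower exception than switching the whole rule engine off, shown as an added example that is not part of the thread: it disables only rule 970002 quoted in the first post. It assumes ModSecurity 2.x on Apache httpd and the /stats path from the first post; the address 203.0.113.10 and the local rule id 1000001 are constructed placeholders.

```apache
# Added example, not from the thread or from ISPConfig/CRS.
# Load this AFTER modsecurity_crs_50_outbound.conf, because a rule can only
# be removed once it has been defined.

# Option A: scope the exception to the statistics path.
# The rule engine and every other rule stay active; only the outbound
# "Statistics Information Leakage" rule (id 970002) is dropped, and only
# for the password-protected /stats location.
<LocationMatch "^/stats(/|$)">
    SecRuleRemoveById 970002
</LocationMatch>

# Option B: scope the exception to one client address.
# Unlike ctl:ruleEngine=Off, this keeps all other rules and audit logging
# in force for that client. The dots are escaped so they match literally.
# 203.0.113.10 is a constructed documentation address; 1000001 is a
# hypothetical id from the local-rules range.
SecRule REMOTE_ADDR "^203\.0\.113\.10$" \
    "phase:1,id:1000001,t:none,nolog,pass,ctl:ruleRemoveById=970002"
```

Use one option, not both. After reloading httpd, a request to /stats should return the Webalizer page while the same comment string served from any other path (Option A) or to any other client (Option B) is still answered with the rule's 404.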
     
