Solved: Access denied with code 400 (phase 2).

When I restarted my apache server. I am using the fedora 9 here.

I did not get my default page opened in browser.
When I opened the apache error log file. I saw following error.

ModSecurity: Access denied with code 400 (phase 2). Pattern match “%0[ad]” at REQUEST_HEADERS:Cookie. [id “950910”] [msg “HTTP Response Splitting Attack. Matched signature <%0a>”] [severity “ALERT”] [hostname “localhost”] [uri “/”] [unique_id “SuWoGH8AAAEAAFF3rKEAAAAA”]

I after doing some R&D but I did not got any perfect soluction.
Then I cleared the whole browser cookies. That solves my problem.

solution – clear the browser cookies…


solved: [warn] _default_ VirtualHost overlap on port 80, the first has precedence

Here I am using the Fedora 9 for this example.

If you want to host many sites on one computer or machine.
I added following lines to httpd.conf file(end of file).

<VirtualHost  *:80>

Options +FollowSymLinks
DocumentRoot /var/www/html/example1

</ VirtualHost>

<VirtualHost  *:80>

Options +FollowSymLinks
DocumentRoot /var/www/html/example2

</ VirtualHost>

When I restarted the apache server using following command.
#/etc/init.d/httpd restart

I got the following error;
[warn] _default_ VirtualHost overlap on port 80, the first has precedence

Again I opend the httpd.conf tile and I read following lines;
# Use name-based virtual hosting.
#NameVirtualHost *:80

# NOTE: NameVirtualHost cannot be used without a port specifier
# (e.g. :80) if mod_ssl is being used, due to the nature of the
# SSL protocol.

Than only I uncommented following line and restarted the Server.

NameVirtualHost *:80

My promlem get solved.

Ref URL: