mod_security 不阻止空使用者代理請求

我無法讓 mod_security 阻止空的使用者代理請求。我對它不是很了解，所以在搜尋後我發現了這個規則：

SecMarker BEGIN_UA_CHECK
SecRule &REQUEST_HEADERS:User-Agent "@eq 0" \"skipAfter:END_UA_CHECK,phase:2,rev:'1',ver:'OWASP_CRS/2.2.9',maturity:'9',accuracy:'9',t:none,block,msg:'Request Missing a User Agent Header',id:'960009',tag:'OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA',tag:'WASCTC/WASC-21',tag:'OWASP_TOP_10/A7',tag:'PCI/6.5.10',severity:'5',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.notice_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER-%{matched_var_name}=%{matched_var}"
SecRule REQUEST_HEADERS:User-Agent "^$" \"phase:2,t:none,block,msg:'Empty User Agent Header',id:'960006',rev:'1',ver:'OWASP_CRS/2.2.9',maturity:'9',accuracy:'9',tag:'OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA',severity:'5',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.notice_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER-%{matched_var_name}=%{matched_var}"
SecMarker END_UA_CHECK

在位於此處的文件中：/etc/modsecurity/modsecurity_custom_rules.conf

但它只是不會阻止請求……

我錯過了什麼嗎？

解決了添加以下自定義規則：

<Location />
# Block empty User-Agents.
SecRule &REQUEST_HEADERS:User-Agent "@eq 0" \
    "id:'13009',phase:2,t:none,deny,status:406"
SecRule REQUEST_HEADERS:User-Agent "^$" \
    "id:'13006',phase:2,t:none,deny,status:406"
</Location>

我從這裡調整了規則：http ://www.outdoorsxch.com/aa/00.html/usr/local/ssl/local/apache/conf/modsec-imh/40_wordpress.conf

希望這可以幫助某人。

引用自：https://serverfault.com/questions/644490