CRS are sometimes paranoid

Your logs contains some false-positive after activation of OWASP ModSecurity Core Rule Set (CRS).

You want to “whitelist” a specific IP on a specific CRS ?

1. Identify the false positive.

2. Whiteliste the IP.

Many mails servers listening

You have just migrate from sendmail to postfix and when you try to send a mail (ex: mail -s “Why are you so serious” joker@vg5000.org < /dev/null) you get the error :

That’s probably because sendmail is still alive and LISTENING (check this with a netstat command).

One-liner style :

 

Old fashion style :

1. Kill the process

2. Restart postfix