mod_security exec help needed

I am trying to utillize the exec command in the mod_security module but am having no luck.

In my modsec.conf file I have the following configuration setting:
SecFilterDefaultAction "deny,log,status:403,exec:/mod_security.pl"

The mod_security.pl is the equivalent of a hello world program, just writting a few lines to a file as a test.

0755 root root mod_security.pl - For those who wonder mod_security exec help needed

--------- script ---------------
#!/usr/bin/perl
my $time = localtime(time());
open (FILE, ">>/seclog");
print FILE "done at $time\n";
close (FILE);
1;
--------------------------------

When a rule in mod_security activates on a positive hit, the following lines are recorded in my log file, indicating that the script will be executed:

User-Agent: LWP:mod_security exec help neededimple/5.65
mod_security-executed: /mod_security.pl
mod_security-message: Access denied with code 403. Pattern match "wget " at THE_REQUEST.
mod_security-action: 403


But, the script is never fired and I have no understanding as to why. I have moved the script to various directories, changed permissions, and more other things that I can't remember.

This shouldn't be that hard, or so it would seem.

Is there anything easy I am missing or a log file that would catch the reason that the script is failing to execute? I am at my whits end on this one.

John

 

 

 

 

Top