mihomes - 7:21 pm on Oct 22, 2012 (gmt 0)
Yes, it does, however, it also triggers mod_security. In CSF (firewall) I have it set so after 5 modsec triggers with x seconds the ip is blocked. With that said, I could disable the block when this is triggered, but then other 'legit' modsec triggers would NOT be blocked.
My thought process was somehow make sure modsec is not triggered for invalid https?