OneClick-Console "Heartbeat" is affected when enable Apache ModSecurity Firewall

Document ID : KB000008691
Last Modified Date : 14/02/2018
Show Technical Document Details

CA Spectrum Oneclick-Conole R10.1(++) application at workstation is not showing "red-framed" console in case the OC-server is not reachable or not available anymore. This is seen when the CA Spectrum Apache ModSecurity firewall is enabled. This may cause seeing a OC-Console up and running even the connection to OC-server is lost (or OC-server is down) - and not indicating by "red-framed" OC-Console then.

CA Spectrum Oneclick-Web-Server R10.1(++) for all platforms / OS when enabled ModSecurity Web Application firewall.

When for a CA Spectrum R10.1(or hgiher) Oneclick-Server the ModSecurity Web Application firwall is enabled (see default setup procedure per CA Spectrum R10.1++ documentation : ) then the OC-Console related "Heartbeat" function is blocked. This then will not cause a "red-framed" (status disconnected) OC-Console applcation view anymore when connection from OC-Console to OC-server/service is lost.

Background here is, that between OC-Console and OC-server a heartbeat logic is checking every minute for active communication. 

As a result the OC-Console may look fine but there is no update or communication from OC-server to the OC-Console or versa (i.e. when using / clicking to objects in the OC-Console).


To resolve this Apache Modsecurity application firewall setup problem, the Apache ModSecurity configuration setup needs to be modified. 

The reconfiguration requires to update/modify files:



Find attached document coverning the edits in detail:  Modsecurity_R10.1_enable_heartbeat.pdf

File Attachments: