Anyone experienced a problem with this? My overzealous mod_security blocks the IPN with the following error:
[Mon Feb 24 15:10:07 2014] [error] [client XXXXXXX] ModSecurity: Access denied with code 501 (phase 2). Match of "rx ^Identity$" against "REQUEST_HEADERS:Content-Encoding" required. [file "/usr/local/apache/conf/modsec/10_asl_rules.conf"] [line "44"] [id "340362"] [msg "Atomicorp.com UNSUPPORTED DELAYED Rules: ModSecurity does not support content encodings and can not detect attacks using it, therefore it must be blocked."] [severity "WARNING"] [hostname "mydomainQQQ.com"] [uri "/safscom/process.php"] [unique_id "Uwtgz1jQ0Q4AAE8WZqcAAAA2"]
The Safcom IPN data is:
13-03-27 04:23:26.0&text=DH33NA709 Confirmed.on 27/3/13 at 4:23 AMKsh50.00 received
from 254722540222 ALFRED KAYOKO.New Account balance is Ksh8,189.00& mpesa_msisdn=25472254123456&customer_id=5&user=&pass=&routemethod_id=2&routemethod_
name=HTTP&mpesa_code=DH33NA709&mpesa_trx_date=27/3/13&mpesa_trx_time=4:23 AM&mpesa_amt=50.0&mpesa_sender=ALFRED KAYOKO&business_number=66361
Anyone with an idea of the rule that can allow this?