Adobe Experience Manager Sites & More

chinmayis865517 · 12/10/25

[Wed Dec 10 09:45:13.890309 2025] [:error] [pid 2475134] [client 103.49.254.72:0] [client 103.49.254.72] ModSecurity: Warning. Pattern match "^(?!/libs/cq/i18n)" at REQUEST_URI. [file "/etc/httpd/modsecurity.d/activated_rules/modsecurity_ams_14_r4_directory_block_logonly.conf"] [line "11"] [id "230301140"] [msg "[R4-directory-block] Logging invalid access to known AEM built-in pages."] [hostname "www.abc.com"] [uri "/welcome"] [unique_id "aTlBKUqdg0Yfs6Y94BaHEAAAAAM"]

The session becomes invalid after few seconds for a deep link login only in production env. It works fine in the lower env that also has CDN.

arunpatidar · 12/10/25

Hi @chinmayis865517

It seems the welcome url is blocked by a rule written at line 11 in modsecurity_ams_14_r4_directory_block_logonly.conf file. Please check similar thread

https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/need-to-know-more-about-th...

Arun Patidar

chinmayis865517 · 12/11/25

Hi @arunpatidar ,

Thank you for the response. There's a query parameter used for deep link. The redirection to the internal links works for the first time. When we go back and redirect to another link it goes to the login page. The query param meter value for the token which is responsible for login shows as null only on production and works fine in the lower env.

muskaanchandwani · 12/14/25

Hello @chinmayis865517

The ModSecurity message you’re seeing is from a log‑only rule that’s monitoring access to certain "special" AEM‑style paths (like /welcome, /admin, etc.).
Because it’s log‑only, it does not block the request or affect the user’s session; it just writes a warning line to the Apache/ModSecurity logs.

So:
- What it means: “This request matched a pattern for a known built‑in/administrative‑style URL; I’m logging it for visibility.”
- What it does: Nothing to the traffic itself (no 403, no session kill), only logging.