mod_security breaking ispc
I have debian etch with ispc 2.2.14
I have installed mod_security 2.1.1-0
I am concerned about breaking somthing in ispc.
I found the following in my log file.
The following entry relates to the domain for ispconfig not for hosted domains.
These errors are 'CRITICAL' and I guess it means ispconf will not be able to
do something it need to.
[07/Aug/2007:01:15:13 +1000] [tld.mydomain.com/sid#8292580][rid#856aab8][/]
Warning. Match of "rx OPTIONS" against "REQUEST_METHOD" required. [id "960015"]
[msg "Request Missing an Accept Header"] [severity "CRITICAL"]
After commenting out The above rule, I get the following 'critical' error
[07/Aug/2007:01:19:48 +1000] [tld.mydomain.com/sid#82942b0][rid#857f5f8][/]
Warning. Match of "rx ^((?:(?:POS|GE)T|OPTIONS|HEAD))$" against "REQUEST_METHOD" required. [id "960032"]
[msg "Method is not allowed by policy"] [severity "CRITICAL"]
After comment out both rules, I have no more errors for my ispconfig domain,
however I also do not have those rules being applied to my hosted domains.
Can someone please help with writing a rule to exclude ispconfigs domain only,
so the above rule can be used again.
Thankyou for your time and effort.
ISPC comes with it's own apache webserver. So if you install mod_security on Debian Etch, it is "only" integrated in the distribution's apache serving the webpages, not within ISPC's apache.
|All times are GMT +2. The time now is 22:55.|
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.