Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 20th October 2006, 15:47
gabrix gabrix is offline
Senior Member
 
Join Date: Sep 2006
Location: Napoli
Posts: 186
Thanks: 2
Thanked 0 Times in 0 Posts
Send a message via MSN to gabrix Send a message via Yahoo to gabrix Send a message via Skype™ to gabrix
Cool mod security exclude list.

i have a bunch of mod security directives anti xxs etc.because i work with joomla and mambo there is also an exclude file where a directive 'SecFilterRemove' should allow me to work with this cms but ...
Code:
Invalid command 'SecFilterRemove', perhaps mis-spelled or defined by a module not included in the server configuration
... this is the error i get !What's the right directive to exclude in mod security ... ????
Reply With Quote
Sponsored Links
  #2  
Old 21st October 2006, 21:18
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

Where exactly did you put the SecFilterRemove directive?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 22nd October 2006, 05:18
gabrix gabrix is offline
Senior Member
 
Join Date: Sep 2006
Location: Napoli
Posts: 186
Thanks: 2
Thanked 0 Times in 0 Posts
Send a message via MSN to gabrix Send a message via Yahoo to gabrix Send a message via Skype™ to gabrix
Default

i used an include /etc/apache2/conf.d/modsecurity.conf
file and these are the codes:

Quote:
#generic PHP forum posting exclusion
<LocationMatch "/posting.php">
SecFilterRemove 300013
</LocationMatch>

#PhpMyadmin
<LocationMatch "/tbl_change.php">
SecFilterRemove 300016
</LocationMatch>

#/xde/managecontent.php
<LocationMatch "/xde/managecontent.php">
SecFilterRemove 300016
</LocationMatch>

Last edited by gabrix; 22nd October 2006 at 05:21.
Reply With Quote
  #4  
Old 23rd October 2006, 17:02
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
 
Default

I've found this on http://www.g-loaded.eu/2006/08/24/modsecurity-overview/ :

Quote:
SecFilterRemove

This directive is the exact opposite of SecFilterImport. It has a meaning only if SecFilterInheritance has not been disabled in a particular context and works only for filters that have not been marked for mandatory inheritance (see below). It accepts a space-delimited list of rule IDs and can be used to explicitly disable inherited filters.
Maybe you broke one of these rules?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Fedora Core 5 ISP, Major Problems jnolla HOWTO-Related Questions 33 6th June 2007 15:01
mail problem Mahir Installation/Configuration 16 24th April 2007 20:22
Logging in to isp config Jrdgames General 43 6th March 2006 19:04
ISPCONFIG installed :81 broke leadrescue Installation/Configuration 13 26th February 2006 16:59
Totally Confused?? :( kingtux Installation/Configuration 7 9th February 2006 22:14


All times are GMT +2. The time now is 22:07.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.