Any Apache2 Modules to avoid?

Discussion in 'General' started by BorderAmigos, Mar 3, 2010.

  1. BorderAmigos

    BorderAmigos New Member

    General question. Want to experiment with different Apache modules. Are there any that are already known to cause problems with ISPConfig 3? Thanks.
     
  2. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    The only package that causes some problems is mod_security when you use it on the ispconfig interface vhost as ispconfig sends paths like /etc/ in post requests and mod_security thinks that this is a malicius post as normal websites normally do not use system paths in post requests.
     
  3. manarak

    manarak New Member

    Hi, I'm having issues with that as well, but I think mod_security is very useful!

    I am looking for a way to configure Mod_security2 in such manner that it leaves ISPConfig3 alone.
    Does anyone know how to do that?
     
  4. manarak

    manarak New Member

    I'll be replying to my own question.

    locate etc/apache2/sites-available/ispconfig.vhost

    and in the <Virtualhost> section, add

    <IfModule mod_security2.c>
    SecRuleEngine Off
    </IfModule>

    and restart apache

    IMO, this could be a good addition to the ISPConfig default configuration.
     
  5. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    I've added this feature request to our bugtracker.
     
  6. yoplait

    yoplait Member

    Is the problem with mod_security still a problem ? (and on every apache server ?)
    I've never seen any issue on my side about this and I use it since several months...
     
  7. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    As far as I know, the issues only occur if you edit the server settings in the ispconfig interface.
     

Share This Page