mod_security2 sigh

Written by James McDonald

September 14, 2011

Good Concept Just be prepared for head scratching

I had a post with this as the URL /it-tips/getting-screenshots-working-the-way-i-like-in-lxde couldn’t access with mod_security running.

The reason it didn’t like the word “like” in the Permalink tag.

So I’ve changed it to /it-tips/getting-screenshots-working-the-way-i-prefer-in-lxde and now it’s happy.

Seems to me that mod_security is a very good product because it stops so much bad gunk getting through but you have a burden of maintenance and false positives.

I will have to buy a mod_security book and learn the rule syntax so I can work around or whitelist URL’s without turning off the rules by adding “SecRuleRemoveById” to a httpd conf file followed by the offending rules e.g.

SecRuleRemoveById 123456 789101 121314

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

You May Also Like…

How to Research a CPU Upgrade

How to Research a CPU Upgrade

Upgrade Time! Doing a lot of VMWare Workstation virtualization to create labs for self-study and training. Finding...