mod_security2 sigh

Written by James McDonald

IT Tips

0 Comments(s)

September 14, 2011

Good Concept Just be prepared for head scratching

I had a post with this as the URL /it-tips/getting-screenshots-working-the-way-i-like-in-lxde couldn’t access with mod_security running.

The reason it didn’t like the word “like” in the Permalink tag.

So I’ve changed it to /it-tips/getting-screenshots-working-the-way-i-prefer-in-lxde and now it’s happy.

Seems to me that mod_security is a very good product because it stops so much bad gunk getting through but you have a burden of maintenance and false positives.

I will have to buy a mod_security book and learn the rule syntax so I can work around or whitelist URL’s without turning off the rules by adding “SecRuleRemoveById” to a httpd conf file followed by the offending rules e.g.

SecRuleRemoveById 123456 789101 121314

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.

You May Also Like…

Network speed test host to host

Apr 19, 2024

On Ubuntu / Debian apt-get install iperf3 On Windows download it from https://iperf.fr/iperf-download.php#windows Make...

Clear HSTS Settings in CHrome

Apr 15, 2024

Open chrome://net-internals/#hsts enter the domain in the query field and click Query to confirm it has HSTS settings...