The Apache Haus Forum

Advanced search  

News:

Welcome to Apache Haus Distribution Forum

Pages: [1]   Go Down

Author Topic: Mod Security: The receiving end of your own joke.  (Read 3549 times)

Gregg

  • Administrator
  • Member Elite
  • *****
  • Offline Offline
  • Posts: 837
Mod Security: The receiving end of your own joke.
« on: November 18, 2008, 10:38:54 AM »

I've gone through my mod security core rules and changed most deny status codes to some of the undefined numbers. I have special error documents configured for them which Apache happily serves.

I was updating some records on a mysql database and was having no problems till this one record. All I'd get when I tried to edit it was a blank frame in phpMyAdmin. After a couple tries I finally looked at the frame source for clues, that's when I saw it, just one thing showing;

<PUTZ>

I had to laugh!
« Last Edit: November 18, 2008, 10:41:11 AM by glsmith »
Logged

mario

  • Administrator
  • Member Elite
  • *****
  • Offline Offline
  • Posts: 579
Re: Mod Security: The receiving end of your own joke.
« Reply #1 on: November 20, 2008, 11:01:02 PM »

Which rule caused that cool message?
Logged

Gregg

  • Administrator
  • Member Elite
  • *****
  • Offline Offline
  • Posts: 837
Re: Mod Security: The receiving end of your own joke.
« Reply #2 on: November 20, 2008, 11:09:47 PM »

Let's have a look;

modsecurity_crs_40_generic_attacks.conf"] [line "75"]

remember, as I said, instead of the standard 403 I've change it to 420
ErrorDoccument 420 /error/putz.html

I will say I have had many problems with Mod Security after 2.5.4, 2.5.5 or 6 I had to not use core rules period. I'm seriously thinking of moving back to 2.5.4

Aren't you up rather late? Guss not, only 11pm there
« Last Edit: November 20, 2008, 11:18:12 PM by Gregg »
Logged

mario

  • Administrator
  • Member Elite
  • *****
  • Offline Offline
  • Posts: 579
Re: Mod Security: The receiving end of your own joke.
« Reply #3 on: November 21, 2008, 10:15:22 PM »

You are right, was only 10:38pm when I replied. So I guess my offset to you is 9 hrs?
Logged

Gregg

  • Administrator
  • Member Elite
  • *****
  • Offline Offline
  • Posts: 837
Re: Mod Security: The receiving end of your own joke.
« Reply #4 on: November 23, 2008, 06:53:07 PM »

yes, 9 hours is correct.
Logged
Pages: [1]   Go Up
 

Sitemap 1 2 3 4 5 6 7 8 9 10 11 12 13