I understand the problem - when your mod_rewrite rule triggers, the browser changes the request method from POST to GET since your rewrite rule is sending a redirect to the browser.  You should try and update your rule so that it does NOT use an absolute URL or try and use the Proxy action [P] in mod_rewrite to get the client to the right file (as the proxy action would maintain the request method).
 
This has nothing to do with modsecurity.
 
--
Ryan C. Barnett
Web Application Security Consortium (WASC) Member
CIS Apache Benchmark Project Lead
SANS Instructor, GCIA, GCFA, GCIH, GSNA, GCUX, GSEC
Author: Preventing Web Attacks with Apache

 
On 10/29/06, Mathias Gisch <m.gisch@mx.uni-saarland.de> wrote:

Hi everybody,

 

I am using mod_security for the first time. However, I have the following problem in combination with mod_rewrite:

 

I have a form which posts data via the POST-Method to signup.html. The rewrite enigne rewrites signup.html to index.php?op=news&do=signup. The problem now is that after the rewrite the POST-Data won't arrive at the php script. If i have my form post directly to index.php?op=news&do=signup it works perfectly.

 

I would aprreciate any help.

 

Best regards,

 

            Mathias


-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642

_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users