[mod-security-users] lots of trouble with the new "41" rules
Brought to you by:
victorhora,
zimmerletw
From: turgut k. <tu...@ka...> - 2010-01-11 06:32:10
|
I recently upgraded the modsecurity 2.something to the latest version. But these two rulesets are giving me much headache: modsecurity_crs_41_phpids_converter.conf modsecurity_crs_41_phpids_filters.conf For example, a plain HTML web site, but the JPG files are oddly named: http://www.learningpracticalturkish.com/yasemin-unlu--movie-cover--koylu-kizi150x147.jpg Dumps over a page of "Messages:" in the audit file, talking about probably a dozen rules or so that are broken. The following dynamic site, is likewise: http://noroloji.biz/index.php?option=com_content&view=article&id=46&Itemid=97 ... belches pages and pages of code, even at debug level 3. The web server has over 300 hostings - Joomla, PhpNuke, Wordpress, homebrew, and plain HTML. I spent two days editing out the core rules, but finally had to give up on the "phpids" rulesets altogether. Was there an easier way? Thanks! -turgut |