Re: [mod-security-users] Blocking virus upload not working
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Blocking virus upload not working
|
From: Thorsten K. <tho...@th...> - 2013-08-16 09:22:41
|
* Josh Amishav-Zlatin (Fri, 16 Aug 2013 11:50:10 +0300) > On Fri, Aug 16, 2013 at 11:10 AM, Thorsten Kampe > <tho...@th...>wrote: > > I'm using ModSecurity on Ubuntu 12.04 LTS in connection with Apache > > (versions see below). I'd like > > to scan file uploads for viruses using modsec-clamscan.pl from here[1]. > > > > This is what I configured: > > > > - changed "--disable-summary" in modsec-clamscan.pl to "--no-summary" > > > > - set in /etc/modsecurity/modsecurity.conf > > > > "SecRuleEngine On" > > What is your SecDefaultAction directive set to? There is no value called "SecDefaultAction" in modsecurity.conf (neither commented nor uncommented). > Alternatively, what happens if you change the block (which inherits the default action) to deny? I start getting the following message trying to upload Eicar: """ Forbidden You don't have permission to access /persis/main on this server. """ That looks like it's working now. Now I only need to figure out if it's possible to change the error message. Thanks, Thorsten |
