[mod-security-users] Problem with url parsing
From: Kin <lu...@gm...> - 2005-03-22 10:43:33
First of all: sorry for my English. Ten days ago, after a "replacement", my provider installed (or updated? I don't know) mod_security. But there are some problems now. In my discussion forum, people get lots of 403 (forbidden) errors. I think the problem is these filters:

# WEB-ATTACKS /bin/ps command attempt
SecFilter "/bin/ps"
# WEB-ATTACKS ps command attempt
#SecFilterSelective THE_REQUEST "ps" chain
#SecFilter "\x20" "deny,log"
# WEB-ATTACKS /usr/bin/id command attempt
SecFilterSelective THE_REQUEST "/usr/bin/id" chain
SecFilter "\x20" "deny,log"
# WEB-ATTACKS echo command attempt
SecFilterSelective THE_REQUEST "/bin/echo" chain
SecFilter "\x20" "deny,log"
# WEB-ATTACKS kill command attempt
SecFilterSelective THE_REQUEST "/bin/kill" chain
SecFilter "\x20" "deny,log"
# WEB-ATTACKS chmod command attempt
SecFilterSelective THE_REQUEST "/bin/chmod" chain
SecFilter "\x20" "deny,log"
# WEB-ATTACKS chgrp command attempt
SecFilterSelective THE_REQUEST "/chgrp" chain
SecFilter "\x20" "deny,log"
# WEB-ATTACKS chown command attempt
#SecFilter "/chown"
#SecFilter "\x20"
# WEB-ATTACKS chsh command attempt
SecFilter "/usr/bin/chsh"
# WEB-ATTACKS tftp command attempt
SecFilterSelective THE_REQUEST "tftp" chain
SecFilter "\x20" "deny,log"
# WEB-ATTACKS /usr/bin/gcc command attempt
SecFilterSelective THE_REQUEST "/usr/bin/gcc" chain
SecFilter "\x20" "deny,log"
# WEB-ATTACKS gcc command attempt
SecFilterSelective THE_REQUEST "gcc" chain
SecFilter "\x20-o" "deny,log"
# WEB-ATTACKS /usr/bin/cc command attempt
SecFilterSelective THE_REQUEST "/usr/bin/cc" chain
SecFilter "\x20" "deny,log"
# WEB-ATTACKS cc command attempt
#SecFilterSelective THE_REQUEST "cc" chain
#SecFilter "\x20"
# WEB-ATTACKS /usr/bin/cpp command attempt
SecFilterSelective THE_REQUEST "/usr/bin/cpp" chain
SecFilter "\x20" "deny,log"
# WEB-ATTACKS cpp command attempt
SecFilterSelective THE_REQUEST "cpp" chain
SecFilter "\x20" "deny,log"
# WEB-ATTACKS /usr/bin/g++ command attempt
SecFilterSelective THE_REQUEST "/usr/bin/g\+\+" chain
SecFilter "\x20" "deny,log"
# WEB-ATTACKS g++ command attempt
SecFilterSelective THE_REQUEST "g\+\+\x20" chain
SecFilter "\x20" "deny,log"
# WEB-ATTACKS bin/python access attempt
SecFilterSelective THE_REQUEST "bin/python" chain
SecFilter "\x20" "deny,log"
# WEB-ATTACKS python access attempt
#SecFilter "python\x20"
# WEB-ATTACKS bin/tclsh execution attempt
SecFilter "bin/tclsh"
# WEB-ATTACKS tclsh execution attempt
SecFilter "tclsh8\x20"
# WEB-ATTACKS bin/nasm command attempt
SecFilter "bin/nasm"
# WEB-ATTACKS nasm command attempt
SecFilter "nasm\x20"
# WEB-ATTACKS /usr/bin/perl execution attempt
SecFilter "/usr/bin/perl"
# WEB-ATTACKS perl execution attempt
#SecFilterSelective THE_REQUEST "perl" chain
#SecFilter "\x20" "deny,log"
#curl protection
SecFilter "curl\x20"
# WEB-ATTACKS traceroute command attempt
SecFilterSelective THE_REQUEST "traceroute" chain
SecFilter "\x20" "deny,log"
# WEB-ATTACKS ping command attempt
SecFilterSelective THE_REQUEST "/bin/ping" chain
SecFilter "\x20" "deny,log"
# WEB-ATTACKS netcat command attempt
#SecFilter "nc\x20"
# WEB-ATTACKS nmap command attempt
#SecFilter "nmap\x20"
# WEB-ATTACKS X application to remote host attempt
SecFilter "\x20-display\x20"
# WEB-ATTACKS mail command attempt
SecFilterSelective THE_REQUEST "/bin/mail" chain
SecFilter "\x20" "deny,log"
# WEB-ATTACKS /bin/ls command attempt
SecFilterSelective THE_REQUEST "/bin/ls" chain
SecFilter "\x20" "deny,log"
# WEB-ATTACKS /etc/inetd.conf access
SecFilter "/etc/inetd\.conf" log,pass
# WEB-ATTACKS /etc/motd access
SecFilter "/etc/motd" log,pass
# WEB-ATTACKS conf/httpd.conf attempt
SecFilter "conf/httpd\.conf" log,pass

And in particular:

# WEB-ATTACKS ps command attempt
#SecFilterSelective THE_REQUEST "ps" chain
#SecFilter "\x20" "deny,log"
# WEB-ATTACKS cc command attempt
#SecFilterSelective THE_REQUEST "cc" chain
#SecFilter "\x20"
# WEB-ATTACKS perl execution attempt
#SecFilterSelective THE_REQUEST "perl" chain
#SecFilter "\x20" "deny,log"

I copied and pasted these after a quick search on Google; I did not take them from my server config.

The problem is that when users of the bulletin board try to send a message with a "cc ", "ps " or "perl " in it, they get a 403 error. For example, if I try to send the message:

"Disable caps lock key" (it returns an error for the "ps ")
"perl is a great lenguage" (403 forbidden)
"1, 2, 3, ecc ecc" (403 forbidden) (ecc is "etc" in Italian and is used very often)
"ps (post scriptum): bla bla bla" (403 forbidden)

It's a big problem for me. What can I do about this? Please let me know something.
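The false positives reported above, reproduced as an added example that is not part of the original message or of mod_security itself. It assumes the server applies "ps\x20", "cc\x20" and "perl\x20" as unanchored regular-expression searches over the decoded message text (the rules actually loaded on the server are not shown in the post); the STRICT set is a hypothetical tightening used only for comparison.

```python
import re

# Patterns the post reports as firing on forum text ("ps ", "cc ", "perl ").
# Assumption: each is an unanchored regex search over the decoded message
# body, which is what the reported 403 responses imply.
LOOSE = {"ps": r"ps\x20", "cc": r"cc\x20", "perl": r"perl\x20"}

# Hypothetical tighter variant (not from the post): the command name only
# counts when it directly follows a shell metacharacter.
STRICT = {name: r"[;|&`]\s*" + name + r"\x20" for name in LOOSE}

# The four messages quoted in the post, plus one constructed sample that
# contains a command separator so the strict set has something to match.
MESSAGES = [
    "Disable caps lock key",
    "perl is a great lenguage",
    "1, 2, 3, ecc ecc",
    "ps (post scriptum): bla bla bla",
    "topic=1;ps aux",  # constructed, not from the post
]


def hits(rules, text):
    """Return the sorted names of rules whose pattern occurs anywhere in text."""
    return sorted(name for name, rx in rules.items() if re.search(rx, text))


def report(rules):
    """Map each sample message to the list of rules that would deny it."""
    return {msg: hits(rules, msg) for msg in MESSAGES}


if __name__ == "__main__":
    for label, rules in (("loose", LOOSE), ("strict", STRICT)):
        print(label)
        for msg, fired in report(rules).items():
            status = "403" if fired else "ok "
            print(f"  {status}  {fired}  {msg!r}")
```

Running a candidate rule set over a file of ordinary forum posts in this way, before it is loaded on the server, shows which patterns are too short to deploy with "deny". The strict set trades detection coverage for fewer false positives and is shown only to make that trade-off visible.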