Re: [mod-security-users] Directive SecUploadApproveScript
Brought to you by:
victorhora,
zimmerletw
From: Ivan R. <iv...@we...> - 2005-11-03 10:43:51
|
Tomas Hidalgo Salvador wrote: > > This work fine: > > SecUploadApproveScript /usr/local/apache2/bin/verify_upload_webmail.pl > > But, this not work fine: > > SecUploadApproveScript > /usr/local/apache2/bin/verificar_upload_webmail.pl “log,pass” > > The error: > > Syntax error on line 32 of /usr/local/apache2/conf/mod-security.conf: > SecUploadApproveScript takes one argument, The path to the script that > will be called to approve every uploaded file > > How I can control the default action with SecUploadApproveScript? > > I would like to warn the user that its file is infected by virus. SecUploadApproveScript does not support a custom action list yet. (I've added your request to my TODO list too). Try something like this (just an idea, I haven't tried it myself): <Location /path/to/your/upload/script> SecFilterDefaultAction ... SecUploadApproveScript ... </Location> -- Ivan Ristic Apache Security (O'Reilly) - http://www.apachesecurity.net Open source web application firewall - http://www.modsecurity.org |