Re: [mod-security-users] Directive SecUploadApproveScript
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Directive SecUploadApproveScript
|
From: Ivan R. <iv...@we...> - 2005-11-04 13:21:03
|
Tomas Hidalgo Salvador wrote: > Ivan Ristic wrote: > >> SecUploadApproveScript does not support a custom action list yet. >> (I've added your request to my TODO list too). >> >> Try something like this (just an idea, I haven't tried it myself): >> >> <Location /path/to/your/upload/script> >> SecFilterDefaultAction ... >> SecUploadApproveScript ... >> </Location> > > I have test the following option in my apache. It has not worked. :-( > Also I have proven the same configuration without the option of SecFilterInheritance. > The mod_security-action would have to be 444, instead of 403. > > a) > <Directory "/myscripts"> > SecFilterInheritance Off > SecFilterDefaultAction "pass,log,status:444" > SecUploadApproveScript /myscripts/verificar_upload_webmail.pl > Options FollowSymLinks > AllowOverride None > Order allow,deny > Allow from all > </Directory> "status" only works if it is used together with "deny". If you use "pass" ModSecurity won't do anything about a problem it encounters. -- Ivan Ristic Apache Security (O'Reilly) - http://www.apachesecurity.net Open source web application firewall - http://www.modsecurity.org |
