Re: [mod-security-users] more on clamAV and mod_security
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] more on clamAV and mod_security
|
From: Ivan R. <iv...@we...> - 2005-11-23 18:01:15
|
Justin Grindea wrote:
> hi,
>
> [23/Nov/2005:19:46:47 +0200]
> [XXX/sid#810a3c8][rid#8248ee0][/src/compose.php][2] Approver script
> said: 0 Unable to parse clamscan output
> [/tmp/webfiles/20051123-194646-xxx.xxx.xxx.xxx-: Empty file]
>
> ...
>
> maybe empty files can be ignored and modsec can check if return is 1 or
> anything else?
It's supposed to work that way. They appear to have changed the
format of the error message.
Try chaning this line (in modsec-clamav.pl):
if ($error_message =~ m/: Empty file\.$/) {
to
if ($error_message =~ m/: Empty file$/) {
--
Ivan Ristic
Apache Security (O'Reilly) - http://www.apachesecurity.net
Open source web application firewall - http://www.modsecurity.org
|
