Re: [mod-security-users] mod_security causing Apache 1.3.33 to hang
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] mod_security causing Apache 1.3.33 to hang
|
From: Ivan R. <iv...@we...> - 2006-01-11 19:46:04
|
Servedio, Allen (Matrix) wrote: > Hi, > > I am new to using mod_security so there is a high probability that I > messed something up with my configuration. But, I am able to get Apache > to hang (consistently) while using mod_security by posting the form > below (it is from a security scanning tool, in case the values look > fishy :-) ). I would appreciate any insight as to what is causing this > to hang. If I remove mod_security the same request passes through just fine. I am unable to re-create the problem here (1.3.3 + mod_ssl 2.8.22, running on Debian 3.1). Did you compile mod_security before or after mod_ssl installation? mod_ssl for Apache 1.3.x actually patches the Apache source code and changes the API? Many modules work after the patch on Linux but I don't know about Solaris. > SecFilterDefaultAction "deny,log,redirect:/" Strictly speaking redirects should be supplied with a full URL. For example: redirect:http://www.example.com/ However, I notice that even / works and redirects the user to the root of the web site. There's nothing unusual in your configuration. -- Ivan Ristic, Technical Director Thinking Stone, http://www.thinkingstone.com Tel: +44 20 8141 2161, Fax: +44 87 0762 3934 |
