[mod-security-users] Subversion (WebDAV?)
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[mod-security-users] Subversion (WebDAV?)
|
From: Bryce F. <br...@be...> - 2006-03-23 02:08:58
|
Having an issue trying to get Subversion access to work with mod_security. Access to Subversion works great when I have ModSecurity disabled, but when I enable it, I get the error: PUT of '/svn/TestRepo/!svn/wrk/..../trunk/file1': 403 Forbidden (http://www= . <mydomain>.com) I have the following rules setup for ModSecurity: # Enable mod_security SecFilterEngine On # Retrieve request payload SecFilterScanPOST On # Reasonable automatic validation defaults SecFilterCheckURLEncoding On SecFilterCheckCookieFormat Off SecFilterNormalizeCookies Off SecFilterCheckUnicodeEncoding Off # Accept almost all byte values SecFilterForceByteRange 0 255 # Reject invalid requests with status 403 SecFilterDefaultAction deny,log,status:403 # Only record the relevant information SecAuditEngine RelevantOnly SecAuditLog /var/log/httpd/audit_log # Where to store temporary and intercepted files SecUploadDir /var/log/httpd/files # Do not store intercepted files for the time being SecUploadKeepFiles Off # Use 0 for the debug level in production # and 4 for testing SecFilterDebugLog /var/log/httpd/modsec_debug_log SecFilterDebugLevel 4 SecServerSignature "Microsoft-IIS/5.0" =3D=3D=3D=3D END =3D=3D=3D=3D=3D And the following rule specified for the location where the Subversion repository is: <Location /svn/TestRepo> SecFilterInheritance OFf DAV svn SVNPath /usr/local/src/TestRepository <LimitExcept GET PROPFIND OPTIONS REPORT> AuthType Basic AuthName "Subversion Repository" AuthUserFile /etc/httpd/passwd/passwords Require valid-user </LimitExcept> </Location> =3D=3D=3D=3D END =3D=3D=3D=3D Any help appreciated. THanks Bryce |
