Re: [mod-security-users] Subversion (WebDAV?)

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Bryce Fischer wrote:
> Having an issue trying to get Subversion access to work with
> mod_security. Access to Subversion works great when I have ModSecurity
> disabled, but when I enable it, I get the error:
> 
> PUT of '/svn/TestRepo/!svn/wrk/..../trunk/file1': 403 Forbidden (
> http://www.<mydomain>.com)

  Is this what you get in the Apache error log? Or from the
  Subversion client? There's probably more information in
  the error log. Increase the debug log to 9:

  SecFilterDebugLevel 9

  and then send your debug log file to me privately
  (/var/log/httpd/modsec_debug_log).

> # Where to store temporary and intercepted files
> SecUploadDir /var/log/httpd/files

  Can the httpd user write to the above location?

> <Location /svn/TestRepo>
>   SecFilterInheritance OFf

  Use SecFilterEngine Off instead and you'll probably
  get it working.

-- 
Ivan Ristic, Technical Director
Thinking Stone, http://www.thinkingstone.com
ModSecurity: Open source Web Application Firewall
Apache Security (O'Reilly): http://www.apachesecurity.net