Re: [mod-security-users] Filtering on POST

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

My first reaction was - Are you using Apache 2.X branch?  I have seen
similar messages when trying to enable/scan POST payloads with Apache
1.Xversions as that functionality is not available.  I see, however,
that you
are using 2.055-4 version.

Ivan's first recommendation is almost always - "Look in the mod_security
debug log file".  It should give you some more detailed info than the norma=
l
Apache error log.

--
Ryan C. Barnett
Web Application Security Consortium (WASC) Member
CIS Apache Benchmark Project Lead
SANS Instructor: Securing Apache
GCIA, GCFA, GCIH, GSNA, GCUX, GSEC
Author: Preventing Web Attacks with Apache

On 4/6/06, go...@si... <go...@si...> wrote:
>
> Hello,
>
> I wanted to filter some of my website on POST payload because I got some
> blog spammed by POST requests.
>
> So I've activated SecFilterScanPOST On
>
> but now, when I want to POST a new story (which is rather legitimate ;))
> I get these errors in apache logs and a blank page in the webblog :
>
> Wed Apr 05 10:20:42 2006 error client xx.yy.ww.zz mod_security:
> Filtering against POST payload requested but payload is not available
> hostname "www.aaaaa.net" uri "/admin/story.php"
>
> Any idea ?
>
> I'm using :
> - Debian 3.1 (mixed testing/unstable)
> - Apache 2.055-4
> - Mod_security 1.9.2-rc3-1
> - Php4 4.4.2-1
>
> Sioban.
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by xPML, a groundbreaking scripting
> language
> that extends applications into web and mobile media. Attend the live
> webcast
> and join the prime developer group breaking into this new coding
> territory!
> http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D110944&bid=3D241720&dat=
=3D121642
> _______________________________________________
> mod-security-users mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-users
>