> >>Mod_security 1.8.5 has been released. It is available for immediate
> >>download from:
> >>
> >> http://www.modsecurity.org/download/
> >>
> >>This maintenance release relaxes several minor problems discovered
> >>in 1.8.4. Please see the changes below for more details.
> >
> > I am still running 1.7.7. Can I upgrade to 1.8.5 without significant
> > changes? (especially to the chroot thingy).
>
> I don't think you should experience any difficulties. But wait for
> a couple days, I will release 1.8.6 early next week to fix another
> small issue that has just popped up.
Darn. I just upgrade to 1.8.6, and already my first problem appears:
mod_security: Access denied with code 406. Error parsing multipart
parameters: Error normalizing parameter value: Invalid character detected
[13] [hostname "asarian-host.net"] [uri
"/cgi-bin/openwebmail/openwebmail-send.pl?action=composemessage ...
I have this in my vhosts.conf:
<Location /cgi-bin>
SecFilterInheritance Off
SecAuditEngine Off
</Location>
How do I fix this?? It work fine under 1.7.7. :(
Also, why is this error not in mod_security_audit.log?
- Mark
System Administrator Asarian-host.org
---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx
|
