From: Müller, Andreas <Andreas.Mueller@ve...> - 2008-10-24 07:19:59
Mod-security changes the output of our web-application when in "DetectionOnly"-Mode, which prevents our users from seeing the error-messages of our web-application: The web-application - a java-based tomcat-application which is connected through an apache-webserver with mod_jk - tries to generate an pdf-file. This operation sometimes fails and so the web-applications delivers an error message (java.lang.StringIndexOutOfBoundsException...). But with mod-security enabled, our users did not get the detailed error message of the web-application. Instead they get an "Server-Error 500", which is rather unspecific and makes it for us more difficult to solve the problems of our users. In the debug-logs of mod-security there is only the message "Output filter: Error while forwarding response data (104): Connection reset by peer".
How can I change this behaviour of mod-security, so that it does not disable the error-messages of our web-application ?
Get latest updates about Open Source Projects, Conferences and News.