[HowTo] Mod Security on debian

[DaSilva]

I always get this error with PHP-Fusion if modsecurity_crs_40_generic_attacks.conf is activated.

Quote:501 Method Not Implemented

POST to /HP/administration/panel_editor.php not supported.
Apache/2.2.0 (Fedora) Server at http://www.domain.tld Port 80

No ID is posted in error.log.

How can I solve that?

[Zothos]

disable the corresponding rule.....

[r3r3]

Hello
I am getting this error

Code:

[Tue Dec 23 15:14:06 2008] [error] [client 127.0.0.1] ModSecurity: Access denied with code 400 (phase 2). Pattern match "^[\\d\\.]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity2/modsecurity_crs_21_protocol_anomalies.conf"] [line "60"] [id "960017"] [msg "Host header is a numeric IP address"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/IP_HOST"] [hostname "127.0.0.1"] [uri "/"] [unique_id "Y2ErmAoCApQAAAj1GDIAAAAT"]

Should i do something about it? It's obviousely my own server's localhost ip which is blocked by modescurity, anyone can advise what to do?

[seba22]

How to disable mod security for admin.ispcp ?

Disable code is:

<location />
SecRuleEngine Off
</location>


But where is virtualhost for admin.ispcp

[Lucan]

/var/www/ispcp/gui i think.

[seba22]

I found:

webserver:/etc/apache2/sites-enabled# nano 00_master.conf


Maybye add this to wishlist ?

Small checkbox in creation user accound ( enable mod security) and then in vhost enable mod security ?

[Lucan]

Since there went over quite much time, is there any .deb source for lenny?


Greets

[Jillian]

Packages for Lenny:
deb http://etc.inittab.org/~agi/debian/libap...-security2 ./

[Lucan]

And can you also tell me, which of the changes i have to do for the deb source, to make it work with ispcp?


Thanks

[Lucan]

no idear?

greetings