[RCD] [RCU] recurring problem at the level of authentication and total absence of log
fakessh at fakessh.eu
Wed Dec 2 20:34:57 CET 2009
On Wed, 2 Dec 2009 20:22:40 +0100, till <klimpong at gmail.com> wrote:
> On Wed, Dec 2, 2009 at 8:11 PM, fakessh <fakessh at fakessh.eu> wrote:
>> On Wed, 2 Dec 2009 11:04:03 -0700, gnul <nullchar at gmail.com> wrote:
>>> I have not run RoundCube under mod_security, but from what I know
>>> about mod_security, I am sure it can be done.
>>> mod_security simply applies a [long] list of rules to the contents of
>>> each request (GET/POST/HEAD/etc) including the header.
>>> Depending on your ruleset, you often have to add exceptions for
>>> certain applications, and/or disable entire rules server-wide. What
>>> I've done in the past is: tail -F error_log while you use the
>>> application. Then you add exceptions for the uri (e.g. "/roundcube")
>>> or hostname or disable certain rules inside the modsecurity*.conf
>> Thank you for your interest in my problem
>> how easy to apply new rules to mod_security ?
> I think you can do it in .htaccess. But you should check with your
I can edit my file myself .htaccess .
I have root access on the machine
List info: http://lists.roundcube.net/dev/
More information about the Dev