[RCU] problem with roundcube 0.3.1 with mod_security
L.M.J
linuxmasterjedi at free.fr
Sat Jan 23 07:13:35 CET 2010
Le Fri, 22 Jan 2010 22:41:04 +0100,
fakessh <fakessh at fakessh.eu> a écrit :
> someone else may be encountered the problem with the mod_security active
> and disable SELinux.
> and how did you change the rules for mod_security.
> my server is currently shooting with mod_security off and I look for
> solutions to the restart
I'm using mod_security on most of my servers but not on the one with Roundcube because it's not in real
production. On Debian/Ubuntu, I've put my rules in /etc/apache2/conf.d/. Check out
modsecurity_crs_10_config.conf and especially :
SecAuditLogType Serial
SecAuditLog /var/log/apache2/modsec_audit.log
SecDebugLog /var/log/apache2/modsec_debug.log
SecDebugLogLevel 3
Enable those logs and then, play with roundcube and watch the information logs, it will tell which rule and
the rule line in whatever config file create an issue. I would recommend to share the errors here, it could
help devs too...
--
LMJ
"May the source be with you my young padawan"
--- 8< --- detachments --- 8< ---
The following attachments have been detached and are available for viewing.
http://detached.gigo.com/rc/7h/13exnR6f/signature.asc
Only click these links if you trust the sender, as well as this message.
--- 8< --- detachments --- 8< ---
-------------- next part --------------
_______________________________________________
List info: http://lists.roundcube.net/users/
More information about the users
mailing list