[pmwiki-users] Problem editing pages -- mod_security the cause?
Christian Ridderström
christian.ridderstrom at gmail.com
Fri Mar 27 07:24:20 CDT 2009
On Thu, 26 Mar 2009, Christian Ridderström wrote:
> Here's what I found in the error log:
>
> [Thu Mar 26 00:18:34 2009] [error] [client 201.38.240.167] ModSecurity:
> Access denied with code 400 (phase 2). Pattern match
> "\\\\%(?!$|\\\\W|[0-9a-fA-F]{2}|u[0-9a-fA-F]{4})" at ARGS:text. [id "950107"]
> [msg "URL Encoding Abuse Attack Attempt"] [severity "WARNING"] [hostname
> "wiki.lyx.org"]
> [uri "/LyX/LyxFunctions?action=edit"] [unique_id "t-bZsNTJRSsAAFdQ568AAAAB"]
Further investigations indicate that the problem is that mod_security
detects a '%' in one of the POSTed arguments, i.e. the argument that
contain the wiki markup for the page.
This means that with the current configuration of ModSecurity, it will
protest whenever you try to save a page containing a '%' in the markup.
*sigh*
ModSecurity is presumably there for a reason.. so: Does anyone have any
experience on how to deal with this kind of situation? Or simply ideas?
/Christian
--
Christian Ridderström Mobile: +46-70 687 39 44
More information about the pmwiki-users
mailing list