[Modsecurity] false positive at joomla backend logout
Peter Morak
pmorak at pemocom.com
Sun Oct 22 12:41:38 EDT 2006
hello,
first, sorry for my bad english :)
after i installed the new rules (apache2) i think i get false positives
when a user log out from a joomla (1.0.11) backend (a lot of customers
mentioned the error). after i commented out following rule
#SecFilterSelective REQUEST_URI
"!(/tiki-objectpermissions|aardvarkts/install/index|/do_command|banner_click|wp-login|tiki-view_cache|/horde/index|/horde/services/go|/goto|gallery2?/main|ad-?server/adjs)"
"chain,id:300018,rev:3,severity:2,msg:'Generic PHP code injection
protection via ARGS'"
#SecFilterSelective REQUEST_URI "\.php(3|4|5)?(\?|&)" chain
#SecFilterSelective ARGS "(ht|f)tps?:/"
the logout work again.
anyone have this error too?
thx
peter
More information about the Modsecurity
mailing list