The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

mod_security + frontpage extensions

Discussion in 'Security' started by ManXP, Aug 22, 2007.

  1. ManXP

    ManXP Well-Known Member

    Joined:
    Feb 3, 2005
    Messages:
    62
    Likes Received:
    0
    Trophy Points:
    6
    Hi,

    I was searching this board regarding my issue, but couldn't find an exact answer. may someone tell me what rules need to be changed/removed on mod_security config files to enable normal work of Frontpage Extensions, please?


    We found that Frontpage Extensions do not work when mod_security is installed on server, and some users need this feature.

    Thanks!
     
  2. 4u123

    4u123 Well-Known Member
    PartnerNOC

    Joined:
    Jan 2, 2006
    Messages:
    765
    Likes Received:
    1
    Trophy Points:
    18
    Weve never had a problem with mod_security and frontpage.

    Are you using the standard ruleset from gotroot.com ?
     
  3. ManXP

    ManXP Well-Known Member

    Joined:
    Feb 3, 2005
    Messages:
    62
    Likes Received:
    0
    Trophy Points:
    6
    Yes, we use standard ruleset. After searching this and some other forums, I found many people experience the same issue
     
  4. ToddShipway

    ToddShipway Well-Known Member

    Joined:
    Nov 13, 2006
    Messages:
    300
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Houston, TX
    Watch /usr/local/apache/logs/audit_log when trying to login to FP to see what FP is doing when mod_sec is enabled.

    If there is a rule blocking FP, this will lead you to the correct rule.
     
  5. ManXP

    ManXP Well-Known Member

    Joined:
    Feb 3, 2005
    Messages:
    62
    Likes Received:
    0
    Trophy Points:
    6
    Just reversed mod_security configuration to default, will let know how it's going
     
  6. DigitalN

    DigitalN Well-Known Member

    Joined:
    Sep 23, 2004
    Messages:
    420
    Likes Received:
    1
    Trophy Points:
    18
    It might not be mod_security that is causing the problem - I think the FP module needs to be able to read httpd.conf and maybe it can't any longer (httpd.conf chmod 600 for example), see if you have anything like this in /var/log/messages

    The chmod 600 on httpd.conf looks to be an issue with FP..
     
Loading...

Share This Page