mod_security + frontpage extensions

[ManXP]

Hi,

I was searching this board regarding my issue, but couldn't find an exact answer. may someone tell me what rules need to be changed/removed on mod_security config files to enable normal work of Frontpage Extensions, please?


We found that Frontpage Extensions do not work when mod_security is installed on server, and some users need this feature.

Thanks!

 

[4u123]

Weve never had a problem with mod_security and frontpage.

Are you using the standard ruleset from gotroot.com ?

 

[ManXP]

Yes, we use standard ruleset. After searching this and some other forums, I found many people experience the same issue

 

[Todd Mitchell]

Watch /usr/local/apache/logs/audit_log when trying to login to FP to see what FP is doing when mod_sec is enabled.

If there is a rule blocking FP, this will lead you to the correct rule.

 

[ManXP]

Just reversed mod_security configuration to default, will let know how it's going

 

[DigitalN]

It might not be mod_security that is causing the problem - I think the FP module needs to be able to read httpd.conf and maybe it can't any longer (httpd.conf chmod 600 for example), see if you have anything like this in /var/log/messages

Microsoft FrontPage Server Extensions: Error #2005d Message: The server extensions were unable to access the file "httpd.conf". Please check the file permissions.

The chmod 600 on httpd.conf looks to be an issue with FP..