The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

mod_security + frontpage extensions

Discussion in 'Security' started by ManXP, Aug 22, 2007.

  1. ManXP

    ManXP Well-Known Member

    Joined:
    Feb 3, 2005
    Messages:
    62
    Likes Received:
    0
    Trophy Points:
    156
    Hi,

    I was searching this board regarding my issue, but couldn't find an exact answer. may someone tell me what rules need to be changed/removed on mod_security config files to enable normal work of Frontpage Extensions, please?


    We found that Frontpage Extensions do not work when mod_security is installed on server, and some users need this feature.

    Thanks!
     
    #1 ManXP, Aug 22, 2007
  2. 4u123

    4u123 Well-Known Member
    PartnerNOC

    Joined:
    Jan 2, 2006
    Messages:
    782
    Likes Received:
    6
    Trophy Points:
    168
    Weve never had a problem with mod_security and frontpage.

    Are you using the standard ruleset from gotroot.com ?
     
    #2 4u123, Aug 22, 2007
  3. ManXP

    ManXP Well-Known Member

    Joined:
    Feb 3, 2005
    Messages:
    62
    Likes Received:
    0
    Trophy Points:
    156
    Yes, we use standard ruleset. After searching this and some other forums, I found many people experience the same issue
     
    #3 ManXP, Aug 22, 2007
  4. ToddShipway

    ToddShipway Well-Known Member

    Joined:
    Nov 13, 2006
    Messages:
    300
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    Houston, TX
    Watch /usr/local/apache/logs/audit_log when trying to login to FP to see what FP is doing when mod_sec is enabled.

    If there is a rule blocking FP, this will lead you to the correct rule.
     
    #4 ToddShipway, Aug 22, 2007
  5. ManXP

    ManXP Well-Known Member

    Joined:
    Feb 3, 2005
    Messages:
    62
    Likes Received:
    0
    Trophy Points:
    156
    Just reversed mod_security configuration to default, will let know how it's going
     
    #5 ManXP, Aug 23, 2007
  6. DigitalN

    DigitalN Well-Known Member

    Joined:
    Sep 23, 2004
    Messages:
    420
    Likes Received:
    1
    Trophy Points:
    168
    It might not be mod_security that is causing the problem - I think the FP module needs to be able to read httpd.conf and maybe it can't any longer (httpd.conf chmod 600 for example), see if you have anything like this in /var/log/messages

    The chmod 600 on httpd.conf looks to be an issue with FP..
     
    #6 DigitalN, Aug 29, 2007
(You must log in or sign up to post here.)
Loading...
Similar Threads - mod_security frontpage extensions
  1. Jasleen

    Mod_Security with CRS

    Jasleen, May 30, 2017, in forum: Security
    Replies:
    9
    Views:
    105
    fuzzylogic
    May 31, 2017
  2. Nirjonadda

    Mod_Security Vendors

    Nirjonadda, Apr 16, 2017, in forum: Security
    Replies:
    3
    Views:
    178
    Nirjonadda
    Apr 17, 2017
  3. stevenvsi

    Unable to disable mod_security per domain in user interface

    stevenvsi, Apr 11, 2017, in forum: Security
    Replies:
    9
    Views:
    256
    cPanelMichael
    Apr 11, 2017
  4. caisc

    Mod_Security rule to mitigate constant GET and POST request attack

    caisc, Feb 25, 2017, in forum: Security
    Replies:
    6
    Views:
    267
    quizknows
    Mar 7, 2017
  5. caisc

    Mod_security rules to prevent spam registrations and comments on wordpress sites

    caisc, Feb 7, 2017, in forum: Security
    Replies:
    12
    Views:
    431
    caisc
    Feb 10, 2017

Share This Page