Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Subversion and mod_security

Discussion in 'Security' started by bpat1434, Jun 29, 2007.

  1. bpat1434

    bpat1434 Well-Known Member

    Oct 2, 2004
    Likes Received:
    Trophy Points:
    Columbia, MD
    I've been fighting for the last 48 hours to get SVN and Trac working properly on my server. Finally I've gotten them to where they're supposed to be. Now, when I use rapidSVN or TortoiseSVN to commit, browse, or checkout from my server, I keep getting a 406 error. I know this is mod_security because, well, it can't be anything else.

    So I googled for some help, and it gave me the typical lines of:
    Charl van Niekerk » Blog: Subversion & mod_security
    Wayne Graham's Blog: Subversion with mod_security

    In each of those, it gives me these lines:
    SecFilterSelective REQUEST_METHOD "^(PROPFIND|PROPPATCH)$" allow
    SecFilterSelective REQUEST_METHOD "^(REPORT|OPTIONS)$" allow
    SecFilterSelective REQUEST_METHOD "^(MKACTIVITY|CHECKOUT)$" allow
    SecFilterSelective REQUEST_METHOD "^(PUT|DELETE|MERGE)$" allow
    So I edit my httpd.conf file in the <VirtualHost> directive for the proper directory, and restart apache.

    Now, for whatever reason, these rules don't seem to be taking effect. I still get 406 errors if I try to browse the repository (which generates a REPORT call) or commit (which generates PUT call). I'm completely at a loss here.

    Has anyone had any experience getting SVN to work with mod_security installed? I'm using mod_security v1.9.1 right now, but thinking I should probably upgrade to 2.1.1 soon. Any help is appreciated.

Share This Page