Re: mod-security-users Digest, Vol 6, Issue 22

Ivan Ristic wrote:

On 11/21/06, Dan Rossi <spam@xxxxxxxxxxxxxxxx> wrote:

Ivan Ristic wrote:
>
> It is documented and it works. However, "SecFilterInheritance"
> prevents the rules from being inherited from the parent context but it
> does nothing to the configuration options. The configuration settings
> are always inherited. If you want something different to happen just
> provide different configuration. So, in your case you could do
> something like:
>
> <Location /signup>
> SecFilterInheritance Off
> SecFilterForceByteRange 0 255
> </Location>
>

Ok what im saying here is, every rule set as default will have to be
overwritten as u have here, ie the ones we need to override for etc, so
mod sec cant be turned off per virtualhost for instance ?

Sure it can:

<VirtualHost whatever>
   SecFilterEngine Off
   SecAuditEngine Off
</VirtualHost>

Hi Ivan, i just put these rules  inside virtualhost for mod sec 2 and i get this

Invalid command 'SecFilterEngine', perhaps mis-spelled or defined by a module not included in the server configuration


if i do

SecRuleEngine Off
SecAuditEngine Off


its ok however for some of our zend encoded files something happens with the posts, i dont get any errors but it seems modsec is doing something even though ive turned if off in that path and redirects back to the file . I cant go into the code and look because its encoded and there is no log :\

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV_______________________________________________
mod-security-users mailing list
mod-security-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/mod-security-users