I need to add the following line into my .htaccess file in order to get my website working with mod_security
SecFilterScanPOST Off
but then I get an error
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
In my WebHost manager I see the following message: mod_security is installed and running!
I do not know what I did wrong?
-
Check your apache error log (on linux it is usually in /var/log/http/error_log or similar).
-
That module is probably not loaded. Try it within a
<IfModule>block to avoid such error:<IfModule mod_security.c> SecFilterScanPOST Off </IfModule>But note that this doesn’t solve your problem. It just avoids that internal error.
To solve your problem, make sure that the mod_security module is loaded. This is done with the
LoadModuledirective.Roland : In my WebHost manager I see the following message: mod_security is installed and running!Gumbo : @Roland: Then your mod_security module is probably not intended to be used in a .htaccess file. Maybe it’s just allowed in the server/virtual host configuration.From Gumbo -
You can check if the SecFilterScanPOST directive is allowed in .htaccess files (probably via an AllowOverride option in your Apache or VirtualHost config file).
From juba -
If your mod_security version is 2 or greater you can't put directives in a .htaccess file - only httpd.conf will do. I suppose they'll add this to the FAQ sooner or later.
From djn
0 comments:
Post a Comment