
Re: protecting against exploiting mail forms



Marek Podmaka wrote:
Hello Luc,

Saturday, November 19, 2005, 19:32:47, Luc Stroobant wrote:

LS> SecFilter "To\:"
LS> SecFilter "to\:"
LS> SecFilter "From\:"
LS> SecFilter "from\:"
LS> SecFilter "Cc\:"
LS> SecFilter "cc\:"
LS> SecFilter "Bcc\:"
LS> SecFilter "bcc\:"

  These break a lot of other scripts (including webmail). It matches, for
  example, the text "mailto:something" and many others. I have modified it
  by prepending "\n" to each of these and for now it seems ok.

Webmail will be a problem with these rules, indeed. In our case, users are not supposed to host such apps. I guess when somebody tries to post a mail header on a forum you'll run into trouble with your rules too...

  But I had to enable SecFilterScanPOST and it breaks some more
  things... Do you know what this error means?

Error: chunked Transfer-Encoding forbidden: /chat/f_upload.php
mod_security-message: Access denied with code 500. ap_setup_client_block failed with 411

Probably this one:
<http://www.modsecurity.org/documentation/modsecurity-apache-manual-1.9.html#N101B4>

Luc
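To make the false-positive trade-off in this exchange concrete, here is an added Python example (not code from the thread or from mod_security) that expresses Luc's SecFilter set and Marek's newline-prefixed refinement as regexes and runs both over constructed form-field values; the optional "\r" in the refined pattern and the sample strings are my assumptions.

```python
import re

# Luc's rule set, expressed as one case-insensitive regex: the header
# name may appear anywhere in the (already URL-decoded) request body.
NAIVE_PATTERN = re.compile(r"(to|from|cc|bcc):", re.IGNORECASE)

# Marek's refinement: require a line break before the header name, since
# an injected header only takes effect if the MTA sees it at the start of
# a line. The optional "\r" is an assumption added here so CRLF-terminated
# bodies are covered too; the "\n"-only prefix in the thread would miss them.
REFINED_PATTERN = re.compile(r"\r?\n(to|from|cc|bcc):", re.IGNORECASE)


def naive_match(body: str) -> bool:
    """True if the original anywhere-in-body rule would block this body."""
    return NAIVE_PATTERN.search(body) is not None


def refined_match(body: str) -> bool:
    """True if the newline-anchored rule would block this body."""
    return REFINED_PATTERN.search(body) is not None


# Constructed sample form-field values (not taken from the thread).
SAMPLES = {
    # Benign: a mailto: link in a forum post; the naive rule blocks it.
    "mailto_link": "see mailto:webmaster@example.org for details",
    # Benign: an ordinary contact-form message.
    "plain_message": "Hello, I would like a quote for 10 units.",
    # Malicious: a header smuggled into a single-line field via CRLF.
    "injected_bcc": "alice@example.org\r\nBcc: victim@example.net",
    # Benign but still blocked by the refined rule: a forwarded mail quoted
    # in a webmail body carries real header lines (the webmail problem
    # Luc points out).
    "forwarded_quote": "FYI\n\n---- Forwarded ----\nFrom: bob@example.org\nHi",
}


def evaluate(samples=SAMPLES):
    """Return {name: (naive_blocked, refined_blocked)} for each sample."""
    return {name: (naive_match(v), refined_match(v)) for name, v in samples.items()}


if __name__ == "__main__":
    for name, (naive, refined) in evaluate().items():
        print(f"{name:16s} naive={naive!s:5s} refined={refined}")
```

The refined pattern clears the mailto: case but, as Luc notes, still trips on quoted headers inside a legitimate message body.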


