LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 04-01-2011, 08:11 PM   #1
ServerNoob
LQ Newbie
 
Registered: Apr 2011
Posts: 5

Rep: Reputation: 0
Question A problem with modsecurity and mediawiki, please help!


I'm running Apache2 on a Linux server with the latest modsecurity and crs. Modsecurity spits out three XSS errors in the apache2 error.log every time I visit my mediawiki site Main Page. It complains about anomaly score of 5 exceeded and has denied access. Though the mediawiki still works fine and loads as it should. The error doesn't have a rule-id, so I don't know how to fix this so it ignores those three problems in the mediawiki's index.php. Help appreciated thanks!
 
Old 04-01-2011, 10:17 PM   #2
stickman
Senior Member
 
Registered: Sep 2002
Location: Nashville, TN
Posts: 1,552

Rep: Reputation: 53
What is the exact error message that is show up in the error log? The log entry usually has a few key words that you can use to find the rule in the modsecurity config file.
 
Old 04-05-2011, 05:21 PM   #3
ServerNoob
LQ Newbie
 
Registered: Apr 2011
Posts: 5

Original Poster
Rep: Reputation: 0
Thanks stickman for helping me out here.

The error shows the rule, and the access log shows the affected url, so I know all that. I just don't know how to create a whitelist or exception without a rule id number that everyone seems to use. I'm using anomaly scoring mode.

BTW it's hard to copy and paste from the server because the server is a command line linux box.

Thanks again!
 
Old 04-11-2011, 10:31 PM   #4
stickman
Senior Member
 
Registered: Sep 2002
Location: Nashville, TN
Posts: 1,552

Rep: Reputation: 53
What is the rule that is blocking the request? Depending on the rule, you might be able to comment it out in the conf, but that would depend on what the scope of the rule is.

BTW, you can still copy-n-paste session, but the method depends on the client. I usually highlight and use shift-del to cut.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Can somone please help me with modsecurity log? jim.thornton Linux - Security 13 06-10-2008 09:18 AM
MediaWiki: Problem uploading images and files rushadrenaline Linux - Software 0 11-25-2007 01:47 AM
ModSecurity + ajax shafey Linux - Server 0 05-29-2007 04:19 PM
ModSecurity 2 issue JediKnight2 Linux - Server 1 03-10-2007 10:11 AM
ModSecurity SecFilterRemove gabsik Linux - Security 2 12-28-2006 02:03 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 05:56 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration