ukpro
Aug 26 2004, 02:27 PM
Hi all,
I have recently worked my way through
http://forum.ev1servers.net/showthread.php...highlight=apf+s
To implement security onto my RHEL box but since doing this I have noticed that when running certain scripts in ModernBill and Invision I am gettin an Internal Server Error. I have done everything the above link says but am now stuck. Can anyone help.
Liam
eth00
Aug 26 2004, 04:46 PM
Check in the /var/log/httpd/audit_log
Something in the mod_security rules is triggering the problem. You should see the rule that is causing the problems and you can just comment it out. If you have any more trouble feel free to post it in that thread so other users can see when they look at the thread.
For a quick temp fix you can remove mod_security if you do not have the time to troubleshoot.
ukpro
Aug 26 2004, 11:42 PM
In the log you asked me to check I am getting the following
# tail -f /usr/local/apache/logs/error_log
[Fri Aug 27 06:32:44 2004] [error] [client 127.0.0.1] File does not exist: /usr/
local/apache/htdocs/500.shtml
This is when I replicate the problem.
Not sure which part of Mod_sec is causing this.
ukpro
Aug 26 2004, 11:54 PM
Well thanks for that, I narrowed it down to
# Should mod_security inspect POST payloads
SecFilterScanPOST On
# Action to take by default
SecFilterDefaultAction "deny,log,status:500"
So I have commented them out and it now works fine.
Are there any implications of dooing this?
Liam
eth00
Aug 27 2004, 10:12 AM
Well if you turn of the logging your not going to see any more errors. Can you paste what the error logs says, you can probably remove another rule to get it working.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.