[Moin-user] Very bizarre text problem

Trog trog at trogwoolley.com
Mon May 23 05:34:05 EDT 2005


Further research has revealed that a wiki page with only tftp config 
gives this error :-
[Mon May 23 12:49:14 2005] [error] [client 194.207.237.28] mod_security: 
Access denied with code 403. Pattern match "tftp\\x20" at POST_PAYLOAD. 
[hostname "www.openhgs.org"] [uri "/moin.cgi/JustATest2"] [unique_id 
QpHDOlBXgCQAAA3mHEM]

and a page with only /usr/sbin/ltspcfg :-
[Mon May 23 12:54:08 2005] [error] [client 194.207.237.28] mod_security: 
Access denied with code 403. Pattern match "!mailprog=" at QUERY_STRING. 
[hostname "www.openhgs.org"] [uri "/moin.cgi/JustATest2"] [unique_id 
QpHEYFBXgCQAAA3RZi0]

and a page with just cp /bin/dmesg /opt/ltsp/i386/bin :-
[Mon May 23 12:57:41 2005] [error] [client 194.207.237.28] mod_security: 
Access denied with code 403. Pattern match "/bin/" at POST_PAYLOAD. 
[hostname "www.openhgs.org"] [uri "/moin.cgi/JustATest2"] [unique_id 
QpHFNVBXgCQAAA3hiBQ]

The common factor is mod_security, which I see is something to do with 
the apache server.  Our wiki is hosted on an ISP's server, so I need to 
ask them some intelligent questions about what is happenning, but I don't 
know what I should ask them.  They are not going to know MoinMoin.  Does 
anyone have any experience with the mod_security module who can point me 
in the right direction with regard to asking the right questions to solve 
this issue? 

-- 
Trog Woolley  |  trog at trogwoolley dot com
(A Croweater back residing in Pommie Land with Linux)
Isis Astarte Diana Hecate Demeter Kali Inanna





More information about the Moin-user mailing list