Squirrelmail with ModSecurity (a bit OT).

Hello all,

Does anyone else here use Mod_Security on their web server?

Since upgrading Mod_Security I now find that I am able to access SM as normal,
but clicking on any message or folder results in the error "Forbidden
You don't have permission to access /webmail/src/right_main.php on this
server."

I'm aware that this is not a SM problem, but I am posting here in case anyone
has already solved this problem (I have posted a similar thread on the Mod_Sec
CRS list).

I am running SM on a Fedora 11 machine using the Fedora package SquirrelMail
1.4.19-2.fc11.

Here is an extract from the modsec_audit.log file:

--22f31753-H--
Message: Pattern match
"([^*:\s\w,.\/?+-]\s*)?(?<![a-z]\s)(?<![a-z\/_@>\-\|])(\s*return\s*)?(?:join|pop|push|reverse|reduce|concat|map|shift|sp?lice|sort|unshift)(?(1)[^\w%"]|(?:\s*[^@\s\w%,.+\-]))"
at REQUEST_URI_RAW. [file
"/etc/httpd/modsecurity.d/base_rules/modsecurity_crs_41_phpids_filters.conf"]
[line "53"] [id "phpids-18"] [msg "Detects JavaScript array properties and
methods"] [data "&sort="] [severity "CRITICAL"] [tag "WEB_ATTACK"]
Message: Warning. Operator GE matched 5 at TX:anomaly_score. [file
"/etc/httpd/modsecurity.d/base_rules/modsecurity_crs_60_correlation.conf"]
[line "41"] [msg "Transactional Anomaly Score (score 20): Detects JavaScript
array properties and methods"]
Action: Intercepted (phase 2)
Apache-Handler: php5-script
Stopwatch: 1259841664114003 27655 (6852 25106 -)
Producer: ModSecurity for Apache/2.5.10 (http://www.modsecurity.org/); core
ruleset/2.0.2.
Server: Apache/2.2.13 (Fedora)

Apologies for OT post - but hoping someone can help...

Thanks in advance

Mark
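
Added example (not part of the post above, and not code from ModSecurity, the CRS or SquirrelMail): a Python sketch that re-joins the mail-wrapped part H of the audit log, extracts the blocking rule's metadata, and replays the rule's regex against a request URI to see what it matched. Assumptions: SAMPLE_URI is constructed and its parameter names are assumed, and Python's re module stands in for the PCRE engine ModSecurity uses.

```python
import re

# Audit-log part H as quoted in the post (still wrapped by the mail client).
SECTION_H = r'''Message: Pattern match
"([^*:\s\w,.\/?+-]\s*)?(?<![a-z]\s)(?<![a-z\/_@>\-\|])(\s*return\s*)?(?:join|pop|push|reverse|reduce|concat|map|shift|sp?lice|sort|unshift)(?(1)[^\w%"]|(?:\s*[^@\s\w%,.+\-]))"
at REQUEST_URI_RAW. [file
"/etc/httpd/modsecurity.d/base_rules/modsecurity_crs_41_phpids_filters.conf"]
[line "53"] [id "phpids-18"] [msg "Detects JavaScript array properties and
methods"] [data "&sort="] [severity "CRITICAL"] [tag "WEB_ATTACK"]
Action: Intercepted (phase 2)
'''

# Constructed request URI; the parameter names are assumed, not taken from the post.
SAMPLE_URI = "/webmail/src/right_main.php?PG_SHOWALL=0&sort=0&startMessage=1&mailbox=INBOX"
FIELD_START = re.compile(r"^[A-Z][A-Za-z-]*: ")


def unwrap(section):
    """Re-join wrapped lines; a new field starts with 'Name: '."""
    fields = []
    for line in section.splitlines():
        if FIELD_START.match(line) or not fields:
            fields.append(line.strip())
        else:
            fields[-1] += " " + line.strip()
    return fields


def parse_pattern_match(field):
    """Return the rule's regex, the inspected variable and its [key "value"] metadata."""
    m = re.match(r'Message: Pattern match "(.*)" at ([A-Z_:]+)\. (.*)', field)
    if not m:
        return None
    pattern, variable, rest = m.groups()
    meta = dict(re.findall(r'\[(\w+) "(.*?)"\]', rest))
    return {"pattern": pattern, "variable": variable, **meta}


def explain_block(section, uri):
    """Find the blocking rule in part H and replay its regex against a URI."""
    for field in unwrap(section):
        rule = parse_pattern_match(field)
        if rule:
            hit = re.search(rule["pattern"], uri)
            return {**rule, "matched": hit.group(0) if hit else None}
    return None


if __name__ == "__main__":
    print(explain_block(SECTION_H, SAMPLE_URI))
```

The replay returns the same string the log records in [data "&sort="], so the rule is firing on a query parameter named sort and not on script content.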

-----
squirrelmail-users mailing list