Hi
I have the 'mod_security' mod installed on my apache server and it's causing security errors when people use the word "curl" in a post. (It's rejecting it because 'curl' is the unix commandline tool for accessing url's).
I know I can configure mod_security to just ignore 'curl', but I'd like to come up with a better solution that allows me keep the mod_security config.
To that end ... An idea I have is to create an smf mod that's a javascript function that looks for "curl" when 'Post' or 'Preview' is clicked, and just puts up an alert box saying you can't use that word - or maybe even changes the word to "c-u-r-l" and notifies the user with an alert box.
- Has anyone had this kind of problem with a specific word?
- Has anyone created this kind of mod?
Thanks
You should ask your hosting provider to disable the mod_security module, you will always have problems. Smf works best without this module
Ah - I didn't realize there was so much discussion about this.
Thanks for your reply - I've found that I may be able to upgrade mod_security, but I can also disable it if it need to.
Thanks
mod_security can be useful -- but, in most cases is is worse than useless, because it is stupidly configured.
One of the best examples of the stupidity is triggered because I live in "Middlesex" county... this triggers errors because the word "sex" is within that word...