using the word 'curl' in a post

[jjsmith]

Hi

I have the 'mod_security' mod installed on my apache server and it's causing security errors when people use the word "curl" in a post.  (It's rejecting it because 'curl' is the unix commandline tool for accessing url's).

I know I can configure mod_security to just ignore 'curl', but I'd like to come up with a better solution that allows me keep the mod_security config.

To that end ... An idea I have is to create an smf mod that's a javascript function that looks for "curl" when 'Post' or 'Preview' is clicked, and just puts up an alert box saying you can't use that word - or maybe even changes the word to "c-u-r-l" and notifies the user with an alert box.

- Has anyone had this kind of problem with a specific word?
- Has anyone created this kind of mod?

Thanks

[radu81]

You should ask your hosting provider to disable the mod_security module, you will always have problems. Smf works best without this module

[jjsmith]

Ah - I didn't realize there was so much discussion about this. 

Thanks for your reply - I've found that I may be able to upgrade mod_security, but I can also disable it if it need to.

Thanks

[Kindred]

mod_security can be useful -- but, in most cases is is worse than useless, because it is stupidly configured.

One of the best examples of the stupidity is triggered because I live in "Middlesex" county...    this triggers errors because the word "sex" is within that word...