"Matthew Daniels" <suppressed> wrote: > I'm using Apache 1.3, mod_security 1.9 and the latest mod_interchange. > > Requests that are handled by mod_interchange and match my mod_security rules > > appear to properly trigger the correct response from mod_security, at least > in > the apache error log. But going to a forbidden URL in a browser displays a > page > from interchange, despite the apache log saying it returned a HTTP 500 > response. > > I'm guessing this has something to do with the ordering of modules, since > requests > that aren't handled by mod_interchange are correctly denied. I have > mod_security.c > at the top of my LoadModule list for all the good that does. > I'm not familiar with mod_security, but I know that mod_interchange-1 does not "chain" well with other modules, such as mod_cgi and mod_php etc. There doesn't seem to be much point in putting too much time into working out a solution for this for mod_interchange-1, unless you already have a solution you'd like to suggest, of course. This sort of thing should be much easier to handle with the Apache 2 API, so the time will probably be better spent creating mod_interchange-2 for Apache 2. Mod_interchange-2 will be written at some point, when there's enough interest, and should hopefully put an end to the exotic module chaining issues that are reported on this mail list from time to time. -- _/ _/ _/_/_/_/ _/ _/ _/_/_/ _/ _/ _/_/_/ _/_/ _/ _/ _/ _/_/ _/ K e v i n W a l s h _/ _/ _/ _/ _/ _/ _/ _/_/ suppressed _/ _/ _/_/_/_/ _/ _/_/_/ _/ _/ _______________________________________________ interchange-users mailing list suppressed http://www.icdevgroup.org/mailman/listinfo/interchange-users
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.