[ic] mod_security and mod_interchange
Matthew Daniels
mpd at krilion.net
Tue Mar 27 09:08:25 EST 2007
I'm using Apache 1.3, mod_security 1.9 and the latest mod_interchange.
Requests that are handled by mod_interchange and match my mod_security rules
appear to properly trigger the correct response from mod_security, at least
in
the apache error log. But going to a forbidden URL in a browser displays a
page
from interchange, despite the apache log saying it returned a HTTP 500
response.
I'm guessing this has something to do with the ordering of modules, since
requests
that aren't handled by mod_interchange are correctly denied. I have
mod_security.c
at the top of my LoadModule list for all the good that does.
Matthew
More information about the interchange-users
mailing list