Atomicorp

That did get that portion through (thanks), but now he's failing on: --- msg "Atomicorp.com UNSUPPORTED DELAYED Rules: POST request must have a Content-Length header" --- This is a mobile MIDP Java application connecting, and no matter what he tries, he cannot get it to send a Content-Leng...

Thanks. Done.

Just waiting to hear back from that customer to see if it fixed their issue.

Out of curiosity, why does 2.6 allow that rule to be disabled?

Thx.

We are using "mod_security-2.5.13-1.el5.art" from your site.

We have a customer that has a mobile application. Everything was working fine until we deployed mod_secuirty with Atomicorp rules. the audit log is as follows: --- --d240b57d-B-- POST /servlet/put HTTP/1.1 User-Agent: Profile/MIDP-1.0 Configuration/CLDC-1.0 UNTRUSTED/1.0 Content-Type: multipart/form...

Actually, we've discovered this one was legit and the user pasted the wrong entry into the ticket they opened with us. The issue with the Tomcat Manager module was fixed by passing a valid UserAgent string (as it was failing 20_asl_useragents.conf), and since we have a unique string that is a portio...

It appears that because ISPmanager is called via '/manager/ispmgr', the entry for '<LocationMatch /manager/>' in 10_asl_rules.conf is causing some requests to fail, i.e., when trying to edit files in ISPmanager's File Manager, you get "You don't have permission to access /manager/ispmgr on this...

We're finding the final rule in that set has severely hampered our ability to use Tomcat. We have a custom module in our control panel that talks to the Tomcat Manager application on another server to get status info, list contexts and provide start/stop/restart control. The requests don't provide a...