On Wed, 2005-03-02 at 19:37 -0500, Chris Strzelczyk wrote: > Thanks, > > I will take a serious look at mod_security. I do install security > updates > which is why I believe this to be my error on the configuration side > and not > a hole. > > Thanks for all you help. > -cs Chris, You have been asked twice to NOT top post. Alexander explained the proper way to post in a mailing list to maintain readability. Please put your answers _following_ the text it applies to, so we all can follow in a normal reading pattern the entire discussion. Your definition of a "hole" is inadequate. Flawed software can leave an exploitable weakness, but insecure configurations can also (and often does) cause a hole as well. The fact that you have things up to date is not sufficient reason to feel totally secure. Security requires continuous vigilance.
