Timothy Murphy wrote:
On Sunday 23 December 2007 10:45:57 pm Les Mikesell wrote:
Thanks for persisting.
I thought before I got no entry in the httpd error_log,
but now I see I do get a response:
-----------------------------------------------
[Sun Dec 23 22:01:19 2007] [error] [client 127.0.0.1] ModSecurity:
Warning. Match of "rx ^((?:(?:POS|GE)T|OPTIONS|HEAD))$" against
"REQUEST_METHOD" required. [id "960032"] [msg "Method is not allowed by
policy"]
[severity "CRITICAL"] [hostname "localhost"] [uri "/svn/Penrose"]
[unique_id "QF0MPsCoAgEAACM5LWkAAAAB"]
-----------------------------------------------
Is it obvious to you what this message means?
I'll probably be able to work out something if I study it.
I thought someone earlier mentioned problems with a recent fedora update
of mod_security. I'm running under Centos and don't see this.
Sorry, I was being silly.
I saw the note you mention and took the perverse decision
to _install_ the mod_security package.
I see now that these messages in the httpd access_log
are just repeating more loudly that the PROPFIND method
is "not allowed by policy".
That looks specifically like a mod_security error to me. What happens
if you 'yum erase mod_security'? If that doesn't help, try adding
Indexes to the Options permitted (the default settings only allows them
under /var/www/html) and they might be needed if you are referencing a
directory - I'm not really sure how webdav handles that.
--
Les Mikesell
lesmikesell@xxxxxxxxx
