[Owncloud] owncloud and mod_security
Ed W
lists at wildgooses.com
Wed Mar 13 22:37:10 UTC 2013
On 13/03/2013 11:48, Bernhard Posselt wrote:
> On 03/13/2013 12:05 PM, Saint Germain wrote:
>> Hello,
>>
>> I would like to know if it is a good idea to run owncloud with
>> mod_security for Apache ?
>> Should I expect a lot of problems ?
>> It seems that it doesn't work at this moment:
>> https://github.com/owncloud/core/issues/1796
>>
>> I can of course test it and report the bugs. But if this is supposed
>> to be a huge task, maybe I should avoid it until someone with more
>> skills do it properly ?
>>
>> Thanks
>> _______________________________________________
>> Owncloud mailing list
>> Owncloud at kde.org
>> https://mail.kde.org/mailman/listinfo/owncloud
> I would not recommend it.
I disagree. It might need substantial tweaking, but then mod_security
is a very blunt tool. The URL paths for own cloud are fairly
predictable, it wouldn't be too hard to craft your own rule set to
handle potential injection attacks
Good luck
Ed W
More information about the Owncloud
mailing list