I'm trying create a setup for a subversion dav over http server. I've
successfully managed to enable the needed content-type
'application/vnd.svn*' and the request methods like PROPFIND etc.
While trying to commit to the repositories which are served vi the above
setup, I'm getting a rule violation against rule id "960012" in
modsecurity_crs_20_protocol_violations.conf, line 312, which is caused
by the javahl svn client of eclipse.
I've tried to disable the rule via
<LocationMatch /* >
<IfModule mod_security2.c>
SecRuleRemoveById 960012
</IfModule>
</LocationMatch>
with no success.
I've seen in line 312 of modsecurity_crs_20_protocol_violations.conf
that rule id 960012 has a chained rule which has no rule id.
Would I need to also disable the chained rule, which of course, I can't
do because of the missing rule id?
Is this a bug or a newbies common mistake?
Regards
Dietrich
_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
