logoon  windows
Apache Lounge
Webmasters

 


About

Forum Index Downloads Search Forum Register Log in  RSS Apache Lounge


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Apache Lounge is not sponsored by anyone.

Your donations will help to keep this site alive and well, and continuing the building of the binaries.




mod_securty messing up phpmyadmin

 
Post new topic   Reply to topic    Apache Forum Index -> Apache third-party Modules



View previous topic :: View next topic  
Author Message
shaggy



Joined: 15 Nov 2005
Posts: 66
Location: Dundee, Michigan

PostPosted: Sat 08 Apr '06 15:39    Post subject: mod_securty messing up phpmyadmin Reply with quote

I had mod_security installed but when I did I couldn't delete or drop database tables. I can now. I am using the suggested <ifmodule ......> for mod_security that is in the readme file for mod_security install provided on this website.

Here is what my log file says when I attempt to delete tables in a database:
Code:
mod_security: Access denied with code 403. Pattern match "drop[[:space:]]+table" at QUERY_STRING [msg "SQL Injection attack"] [hostname "windowsxp"] [uri "/phpmyadmin/sql.php?db=phpbb_test%3D2217&goto=db_details_structure.php&table=kb_articles&reload=1&purge=1&sql_query=DROP+TABLE+%60kb_articles%60&zero_rows=Table+kb_articles+has+been+dropped&is_js_confirmed=1"] [unique_id "INsCW8CoAAEAAAbsydgAAAD3"]

and
Code:
mod_security: Access denied with code 403. Pattern match "drop[[:space:]]+table" at QUERY_STRING [msg "SQL Injection attack"] [hostname "windowsxp"] [uri "/phpmyadmin/sql.php?db=phpbb_test%3D2217&table=kb_articles&goto=tbl_properties_structure.php&back=tbl_properties_structure.php&reload=1&purge=1&sql_query=DROP+TABLE+%60kb_articles%60&goto=db_details_structure.php&zero_rows=Table+kb_articles+has+been+dropped&is_js_confirmed=1"] [unique_id "HVXJd8CoAAEAAAbsycUAAAD4"]

Any help on this error?
Back to top
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 2125
Location: Hilversum, NL, EU

PostPosted: Sat 08 Apr '06 15:49    Post subject: Reply with quote

A way is just to remove that rule.

Wait, you can leave that rule and set in a <Directory x:/xxxx/phpmyadmin> container and set there SecFilterEngine Off.


Steffen
Back to top


Post new topic   Reply to topic    Apache Forum Index -> Apache third-party Modules
Page 1 of 1