chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Global: Remove conditional rules for mod security in .htaccess as they can break an installation under certain circumstances (SecRuleRemoveById not allowed in <If> context) - refs #3163

Browse Source
pull/3446/head
Yannick Warnier 5 years ago
parent f341e654a2
commit 5f517f9752
1 changed files with 0 additions and 14 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 14
      .htaccess

14
.htaccess
Unescape View File

@ -89,17 +89,3 @@ AddType application/font-woff .woff .woff2
ExpiresByType application/font-woff "access plus 1 month"
</IfModule>
# Add MOD Security exceptions against XSS Attack confusion in main/lp/*.php
# See https://github.com/chamilo/chamilo-lms/issues/3163
<IfModule mod_security.c>
<If "%{REQUEST_URI} =~ m#main/lp#">
SecRuleRemoveById 212000-212999
</If>
</IfModule>
<IfModule mod_security2.c>
<If "%{REQUEST_URI} =~ m#main/lp#">
SecRuleRemoveById 212000-212999
</If>
</IfModule>

Write Preview
Loading…
Cancel
Save