Posted 2 years ago #
I have had many issues with this blocking out certain words (btw can anyone explain why this happens? it was driving me to complete madness until I figured it must be this).
My host tells me they highly recommend against disabling mod_security though, as it then poses some large security risk.
Can anyone expand on this please? I have databases with peoples names/phone numbers/addresses/ etc stored on them, i dont want to open up any security holes
Thanks
brief explanation
http://onlamp.com/pub/a/apache/2003/11/26/mod_security.html
you definitely don't want to turn it off
it is likely blocking certain words to stave off sql injections, etc.
There IS a difference, as I mentioned in your other thread between turning it off and turning it of selectively.
If you disable it for admin posting (which if you read the disable mod security post, you'll note we're only advocating turning it off for THREE files, all of which are only available on the admin side) you're at a higher risk, yes, but not a devastating one.
Sound advice from Ipstenu
This topic has been closed to new replies.
