[CentOS] mod_security

Tony Schreiner schreian at bc.edu
Tue Jun 10 14:52:42 UTC 2008


I've set up a CentOS 5 system as a server for http installs.

Currently up-to-date with
httpd-2.2.3-11.el5_1.centos.3
mod_security-2.1.7-1.el5

my installs were failing just after the root password set up, before  
software selection.

I tracked it down to a server error 500 and it was due to  
mod_security claiming the comps.xml file was too big

The error:
[Tue Jun 10 09:59:01 2008] [error] [client XXX.XXX.XXX.XXX]  
ModSecurity: Output filter: Content-Length (934390) over the limit  
(524288). [hostname "XXX.XXX"] [uri "/install/centos/5/x86_64/ 
repodata/comps.xml"] [unique_id "VJNb-4inMQIAACd0XcwAAAAA"]


This is set in  /etc/httpd/mod_security.d/modsecurity_crs_10_config.conf
SecResponseBodyLimit 524288


I increased that size and all is now well, but can somebody enlighten  
me as to the purpose of that setting?

I've started reading the document in
/usr/share/doc/mod_security-2.1.7/doc/modsecurity2-apache-reference.pdf
is there other good documentation for mod_security?

Cheers,
Tony Schreiner
Boston College



More information about the CentOS mailing list