I've set up a CentOS 5 system as a server for http installs.

Currently up-to-date with httpd-2.2.3-11.el5_1.centos.3 mod_security-2.1.7-1.el5

my installs were failing just after the root password set up, before software selection.

I tracked it down to a server error 500 and it was due to mod_security claiming the comps.xml file was too big

The error: [Tue Jun 10 09:59:01 2008] [error] [client XXX.XXX.XXX.XXX] ModSecurity: Output filter: Content-Length (934390) over the limit (524288). [hostname "XXX.XXX"] [uri "/install/centos/5/x86_64/ repodata/comps.xml"] [unique_id "VJNb-4inMQIAACd0XcwAAAAA"]

This is set in /etc/httpd/mod_security.d/modsecurity_crs_10_config.conf SecResponseBodyLimit 524288

I increased that size and all is now well, but can somebody enlighten me as to the purpose of that setting?

I've started reading the document in /usr/share/doc/mod_security-2.1.7/doc/modsecurity2-apache-reference.pdf is there other good documentation for mod_security?

Cheers, Tony Schreiner Boston College