Re: Directive SecUploadApproveScript

Tomas Hidalgo Salvador wrote:
>
> This work fine:
> 
> SecUploadApproveScript /usr/local/apache2/bin/verify_upload_webmail.pl
> 
> But, this not work fine:
> 
> SecUploadApproveScript
> /usr/local/apache2/bin/verificar_upload_webmail.pl  “log,pass”
> 
> The error:
>
> Syntax error on line 32 of /usr/local/apache2/conf/mod-security.conf:
> SecUploadApproveScript takes one argument, The path to the script that
> will be called to approve every uploaded file
> 
> How I can control the default action with SecUploadApproveScript?
> 
> I would like to warn the user that its file is infected by virus.

  SecUploadApproveScript does not support a custom action list yet.
  (I've added your request to my TODO list too).

  Try something like this (just an idea, I haven't tried it myself):

  <Location /path/to/your/upload/script>
      SecFilterDefaultAction ...
      SecUploadApproveScript ...
  </Location>

--

-- 
Ivan Ristic
Apache Security (O'Reilly) - http://www.apachesecurity.net
Open source web application firewall - http://www.modsecurity.org

-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42" plasma tv or your very own
Sony(tm)PSP.  Click here to play: http://sourceforge.net/geronimo.php