Roundcube & Modsecurity Problem

jimtsop

We have an annoying problem on all of our servers running Roundcube & Modsecurity.

When someone tries to forward an email, as soon as he types the first letters of the recipient he gets logged out of Roundcube.

I’m trying to find a solution on how to disable modsecurity for the folder of /roundcube but I didn’t find a solution that really worked.

Could you please help with that, as it’s really annoying?

Our system uses the following: Debian 5.1, DirectAdmin 1.35.1, Apache 2.2.15, Exim 4.69, MySQL 5.0.88, Named 9.5.1, ProFTPd 1.3.3, dovecot 1.2.11, PHP 5.2.13
 
Read the error log and comment out the offending rule. The default ruleset of ModSecurity2 has a huge list of obsolete and useless rules; you have to keep an eye on the logfile all the time.
 
I've found the solution.

I had to edit the modsecurity configuration file, in my case:
pico /etc/modsecurity2/modsec.v2.rules.conf
adding the following before the final comments of the file:


#Rule to allow Roundcube html2text
SecRule REQUEST_FILENAME "/roundcube/bin/html2text.php" \
"allow,phase:1,nolog,ctl:ruleEngine=Off"

#Rule to allow Roundcube to forward embedded images and exclude from compression scanning
<LocationMatch '^/roundcube/'>
SecRuleRemoveById 950004,950019,960903
</LocationMatch>
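
The triage suggested earlier in the thread (read the error log, find the offending rule), as an added example that is not part of any post: it pulls the rule id, hostname and URI out of ModSecurity error-log lines and builds a LocationMatch exclusion for only the ids that fired under one path. The log lines are constructed samples and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed, abbreviated sample in the ModSecurity 2.x Apache error-log layout.
SAMPLE_LOG = """\
[Wed Jun 02 10:15:00 2010] [notice] Apache configured -- resuming normal operations
[Wed Jun 02 10:15:01 2010] [error] [client 192.0.2.10] ModSecurity: Access denied with code 501 (phase 2). [id "950004"] [msg "constructed sample"] [hostname "mail.example.test"] [uri "/roundcube/"]
[Wed Jun 02 10:15:02 2010] [error] [client 192.0.2.10] ModSecurity: Access denied with code 501 (phase 2). [id "950004"] [msg "constructed sample"] [hostname "mail.example.test"] [uri "/roundcube/"]
[Wed Jun 02 10:15:03 2010] [error] [client 192.0.2.10] ModSecurity: Access denied with code 501 (phase 2). [id "950019"] [msg "constructed sample"] [hostname "mail.example.test"] [uri "/roundcube/bin/html2text.php"]
[Wed Jun 02 10:15:04 2010] [error] [client 192.0.2.10] ModSecurity: Access denied with code 501 (phase 2). [id "960903"] [msg "constructed sample"] [hostname "mail.example.test"] [uri "/roundcube/"]
[Wed Jun 02 10:15:05 2010] [error] [client 192.0.2.11] ModSecurity: Access denied with code 501 (phase 2). [id "960015"] [msg "constructed sample"] [hostname "mail.example.test"] [uri "/index.php"]
"""

# Matches the bracketed metadata fields, e.g. [id "950004"] or [uri "/roundcube/"].
FIELD = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')


def parse_line(line):
    """Return the key/value fields of one ModSecurity log line, or None."""
    if "ModSecurity:" not in line:
        return None
    fields = dict(FIELD.findall(line))
    return fields if "id" in fields and "uri" in fields else None


def path_prefix(uri):
    """Reduce a URI to its first directory ('/roundcube/'), or '/' for top-level files."""
    parts = uri.split("?", 1)[0].split("/")
    return "/" + parts[1] + "/" if len(parts) > 2 else "/"


def rules_by_scope(log_text):
    """Map (hostname, path prefix) -> {rule id: hit count}."""
    hits = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields:
            scope = (fields.get("hostname", "-"), path_prefix(fields["uri"]))
            hits[scope][fields["id"]] += 1
    return {scope: dict(ids) for scope, ids in hits.items()}


def location_block(prefix, rule_ids):
    """Render an exclusion in the same form as the one posted in the thread."""
    ids = ",".join(sorted(rule_ids, key=int))
    return "<LocationMatch '^%s'>\nSecRuleRemoveById %s\n</LocationMatch>" % (re.escape(prefix), ids)


if __name__ == "__main__":
    for (host, prefix), ids in sorted(rules_by_scope(SAMPLE_LOG).items()):
        print("# host %s, hits per rule: %s" % (host, ids))
        print(location_block(prefix, ids))
```

Grouping by hostname as well as path shows which virtual host each hit belongs to, so rules that fire outside the webmail path stay enabled.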
 
I've the same problem, but I don't use the /roundcube/ path but a webmail.domain/ path... could you help me find out how to make the rule?
 