mod_security drop action

[munduk75]

Hi,

I'm having a problem with mod_security "drop" action, it doesn't want to work.
For instance, I use :

SecFilterSelective REQUEST_URI "/hacker"

Then set Action to "log,drop" (either in vhost or server tab), restart LiteSpeed and all I get in 404 page not found

Can LiteSpeed v4.0.4 handle the drop action ?

Thanks.

 

[grniyce]

Take a look at MIS Twang's response here: http://www.litespeedtech.com/support/forum/report.php?p=15145

 

[munduk75]

Thanks, but I still get the same problem.

- if the file doesn't exist, it returns a 404. Well, OK, I understood that, in that case, not rule will be parsed (too bad !).
- if the file exists, depending on its mime-type, it will be displayed/ran or downloaded

 

[mistwang]

drop action is not supported yet, use deny instead.
Will add that.