Hello,I'm running a dw-installation on a solaris machine with apache. My admin told me, that mod_security produced some warnings because of the dokuwiki indexer, which uses a strange URL-format.
For example: "/repaint/lib/exe/indexer.php?id=start&1210159793" It gave the following warning:[Wed May 07 13:29:54 2008] [error] [client 193.28.194.12] mod_security: Warning. Pattern match "!^[][a-zA-Z0-9_]*$" at ARGS_NAMES [msg "SSI injection attack"] [severity "EMERGENCY"] [hostname "www.imt.tu-cottbus.de"] [uri "/repaint/lib/exe/indexer.php?id=start&1210159793"] [unique_id "SKbd@I0rAQcAAAGNOGUAAAAB"]
Shouldn't the URL above look like: /repaint/lib/exe/indexer.php?id=start&1210159793"But what is the timestamp for? It seems not beeing used anywhere, because in the url above it is recogniced as part of the ID and filtered out.
Thanks Richard -- DokuWiki mailing list - more info at http://wiki.splitbrain.org/wiki:mailinglist