[development] 4.7.5 release
gerhard at killesreiter.de
Fri Dec 22 17:17:47 UTC 2006
Scott McLewin wrote:
> I'm new to this particular task,
> so please forgive as I take a few
> missteps on how to report problems. Through my own challenges I'm also
> locked out of my d.o user account right now*. I've worked over the
> issue queue and only this issue appears to be related to the bug I found
> in 4.7.5: http://drupal.org/node/104693
Thanks, I've reverted that patch.
> Sorry for using this forum to report the problem. I'll get myself back
> into d.o as soon as I learn how to configure mod_security correctly.
> I'm picking security over being able to get into d.o right now.
> * A recent hosting provider move to dedicated hosting has a new
> mod_security setup that blocks d.o authentication against my personal
> site for federated login with error 406. I'm new to mod_security
> configuration. I've worked out how to tell mod_security to perform no
> security checks on /xmlrpc.php, but I have not yet worked out how to
> tell it to perform no checks for 126.96.36.199 (d.o) but check for
Drupal.org has two IPs, 188.8.131.52 and 184.108.40.206.
> everybody else. I'm not willing to leave it open, so I'm locked out of
> d.o until I fix this. Which I'll get to. If there is anybody out there
> expert enough on mod_security to help, please contact me off-list.
I think mod_security is a module that creates a lot of difficult to
track down problems...
Depending on configuration is breaks forms that contain values that it
disapproves of. Completely harmless values.
More information about the development