Last modified: 2011-04-30 01:20:47 UTC
When trying to install Mediawiki as usual I get a 403 after finishing config/index.php The server log shows: Message: Operator GT matched 1 at TX:arg_name_DBmwschema. [file "/etc/httpd/modsecurity.d/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "28"] [msg "Possible HTTP Parameter Pollution Attack: Multiple Parameters with the same Name."] Sitename=demo& EmergencyContact=XXXXX& LanguageCode=en& License=none& SysopName=admin& SysopPass=XXXX& SysopPass2=XXXX& Shm=none& MCServers=& Email=email_enabled& Emailuser=emailuser_enabled& Enotif=enotif_allpages& Eauthent=eauthent_enabled& DBtype=mysql& DBserver=localhost& DBname=test& DBuser=wiki& DBpassword=XXXX& DBpassword2=XXXX& useroot=on& RootUser=wiki& RootPW=XXXX& DBprefix=& DBengine=InnoDB& DBschema=mysql5-binary& DBport=5432& DBmwschema=mediawiki& DBts2schema=public& SQLiteDataDir=& DBprefix2=& DBport_db2=50000& DBmwschema=mediawiki& DBcataloged=cataloged Tracking down further I notice "DBmwschema" mentioned twice in the url parameters, so mod_security's message "Possible HTTP Parameter Pollution Attack: Multiple Parameters with the same Name" seems correct indeed. I guess that line 634 of config/index.php is redundant with line 621 $conf->DBmwschema = importPost( "DBmwschema", "mediawiki" ); However, commenting out line 634 did not solve the problem. Disabling mod_security (v 2.5.10-2.fc11) worked as a workaround.
Was fixed on r57454 when fixing bug 21030
ok