Last modified: 2014-09-22 17:51:41 UTC
mod_security(2) does weird things, like cause apache to serve a 500 error if people use words like "select" in an article. Since there is no error given to user, people blame us. we should detect with get_apache_modules() and warn user when installing mediawiki about this, because this sort of "security" is just stupid
And oh look, I was poking around in Installer.php today, and noticed we actually already do this. But there appears to be a mod_security2 we still need to check for (I think, need to do some googling)
Change 161669 had a related patch set uploaded by Jackmcbarn: Improve mod_security warning https://gerrit.wikimedia.org/r/161669
I'm also wondering if we should add something to Special:Version that says if mod_security(2) is loaded, so that we can point it out immediately to users when they show us their wiki with these random problems.
Change 161669 merged by jenkins-bot: Improve mod_security warning https://gerrit.wikimedia.org/r/161669
(In reply to Jackmcbarn from comment #3) > I'm also wondering if we should add something to Special:Version that says > if mod_security(2) is loaded, so that we can point it out immediately to > users when they show us their wiki with these random problems. Eh, that seems like a slippery slope. Anyways, probably out of scope for this bug.