Page 1 of 1

Mantis vs. Apache ModSecurity

Posted: 27 Apr 2020, 01:21
by grante
I'm running into "500" errors from Apache because ModSecurity is enabled, and it's seeing patterns in submitted text (usually notes) that trigger an error (it thinks it's detecting an SQL injection attack). I belienve I know how to disable ModSecurity, but I'm a bit reluctant to do so.

Does anybody else run Mantis with ModSecurity enabled?

If so, can anybody point me to a ModSecurity configuration that works with Mantis?

Or is it considered safe to disable ModSecurity for Mantis?