mod_security and .pps files

I recently had a situation on a server where users were uploading .pps (powerpoint) files, but could not access them via the web (would not even trigger a download)

It turns out mod_security was causing this : (I "x"ed out ips, etc)

[Sun Apr 10 20:09:27 2005] [error] [client xxx.xx.xxx.xx] mod_security: Access denied with code 500. Pattern match "ps\\x20" at THE_REQUEST. [hostname "www.x***********"] [uri "/Cute.pps"]

I commented out the ruleset line in httpd.conf and it now works, but is this causing any problems that I should be concerned about, or is there a ruleset I can add to allow the .pps files?

This is the line I commented out :

#SecFilterSelective THE_REQUEST "ps\x20"

Any help or suggestions are greatly appreciated.

 

 

 

 

Top