On Mon, Aug 17, 2020 at 3:09 PM Tom Hutchison via MediaWiki-l <[email protected]> wrote: > > So, I'm just thinking out loud here to blow off steam. I've seen > mod_security block MW edits and some other weird things on shared hosting. > > Apparently, a shared host I admin for a project must have enabled some type > of proactive scanning with ClamAV or more like a ClamAV Frankenstein and it > is throwing false positive on RedirectSpecialPage.php. Trying to add it back > manually, I can create the file but as soon as I add in the code. the host > deletes it. I tried uploading it. Denied with message -> > > "The file you uploaded, RedirectSpecialPage.php, contains a virus so the > upload was canceled: YARA.blackhole_basic.UNOFFICIAL FOUND" > > Obvious it is a false positive, but WOW. Posting just in case someone else > is dealing with a stupid hosting provider who likes to flip switches and > fails to poll then review the consequences before actually flipping the > switches.
Yeah, mod_security does get a bit aggressive. The one annoys me is the horizontal rule I sometimes use as a break instead of a full blown heading, like H4 or H5: ----- mod_security blocks that when the first two chars in a line are dash. I often have to turn off mod_security to submit the page. Jeff _______________________________________________ MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
