How to Configure ModSecurity to Play Nice With Subversion
I am using the following components:
Apache/2.0.52
ModSecurity/2.1.0
Subversion/1.1.4
By default ModSecurity will block commits to SVN with threatening error messages. To overcome this place this overriding config file (e.g. modsecurity_crs_99_svn_ignores.conf) together with all the other mod_security rules (e.g. /etc/httpd/conf.d/security).
SecRule REQUEST_METHOD “^(PROPFIND|PROPPATCH)$” allow
SecRule REQUEST_METHOD “^(REPORT|OPTIONS)$” allow
SecRule REQUEST_METHOD “^(MKACTIVITY|CHECKOUT)$” allow
SecRule REQUEST_METHOD “^(PUT|DELETE|MERGE)$” allow
SecRule REQUEST_METHOD “^(MKCOL)$” allow