From 75b8883bd9c3834c02f276740ee58f1a65983e1b Mon Sep 17 00:00:00 2001
From: Ken Dreyer <ktdreyer@ktdreyer.com>
Date: Thu, 27 Oct 2011 20:52:18 -0600
Subject: [PATCH] add mod_security overrides

mod_security blocks a cacti upgrade procedure. Override and document
the two rules that cause problems. This could probably be tightened
down to apply only to the "install" directory.
---
 cacti-httpd.conf | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/cacti-httpd.conf b/cacti-httpd.conf
index 9187aa6..4d4c26b 100644
--- a/cacti-httpd.conf
+++ b/cacti-httpd.conf
@@ -11,6 +11,14 @@ Alias /cacti    /usr/share/cacti
 	Order Deny,Allow
 	Deny from all
 	Allow from 127.0.0.1
+	
+	# mod_security overrides
+	<IfModule security2_module>
+		# allow POST of application/x-www-form-urlencoded during install
+		SecRuleRemoveById 960010
+		# permit the specification of the rrdtool paths during install
+		SecRuleRemoveById 900011
+	</IfModule>
 </Directory>