{"id":421,"date":"2009-12-07T13:11:34","date_gmt":"2009-12-07T20:11:34","guid":{"rendered":"http:\/\/www.laurenwood.org\/anyway\/?p=421"},"modified":"2009-12-07T13:11:34","modified_gmt":"2009-12-07T20:11:34","slug":"lynx-and-mod_security","status":"publish","type":"post","link":"https:\/\/www.laurenwood.org\/anyway\/2009\/12\/lynx-and-mod_security\/","title":{"rendered":"lynx and mod_security"},"content":{"rendered":"<p>I\u2019ve been imple\u00adment\u00ading more web sites recently; it appears to be one part of the tech\u00adno\u00adlogy mar\u00adket for which there is still demand. One of the things I push when I meet with cli\u00adents is access\u00adib\u00adil\u00adity, so I figured I should test my own sites and make sure they\u2019re reas\u00adon\u00adably access\u00adible. <a href=\"http:\/\/lynx.isc.org\/\" title=\"text-based browser\">Lynx<\/a> is one tool to use to check access\u00adib\u00adil\u00adity (as well as being a good basic text-based browser). I was a little flum\u00admoxed when I got back a 406 http error, which usu\u00adally means the user agent can\u00ad\u2019t read the char\u00adac\u00adter set, lan\u00adguage, or encod\u00ading the web site uses. Even the most basic text html page was rejected.<\/p>\n<p>It turned out that my <span class=\"caps\">ISP<\/span> had <code>mod_security<\/code> enabled (good) and con\u00adfigured in such a way that lynx was banned (not so good). Ban\u00adning lynx seems to be a fal\u00adlout from a quick way of con\u00adfig\u00adur\u00ading mod_security by fil\u00adter\u00ading out keywords that might be used in hack\u00ading attempts. Per\u00adson\u00adally I can\u00ad\u2019t see the point as lynx can be told to use a dif\u00adfer\u00adent user agent string if need be, and people who want to hack your site will likely know how to do that, and I can\u00ad\u2019t under\u00adstand how people use lynx to hack a site either. Mind you, I don\u2019t hack oth\u00ader people\u2019s web sites, so I don\u2019t know the tools people use who do. Any\u00adway, the <span class=\"caps\">ISP<\/span> cheer\u00adfully took out the fil\u00adter caus\u00ading the prob\u00adlem, but in the mean\u00adtime my <span class=\"caps\">IP<\/span> address had been flagged by mod_security for try\u00ading to bypass the fil\u00adter too many times, so I was com\u00adpletely banned from my own site, as well as every oth\u00ader site that hap\u00adpens to be hos\u00adted on the same server.&nbsp;<\/p>\n<p>Even\u00adtu\u00adally we cleared up that little prob\u00adlem as well, and I could get back to tweak\u00ading my style-sheets and <span class=\"caps\">HTML<\/span> to be more access\u00adible. There\u2019s a bit more to do yet, but I\u2019m get\u00adting there. And I\u2019m grate\u00adful for an assidu\u00adous <span class=\"caps\">ISP<\/span> (<a href=\"http:\/\/www.canadianwebhosting.com\" title=\"ISP\">Cana\u00addian Web Host\u00ading<\/a>) with a sup\u00adport team that works late on Fri\u00adday nights.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I\u2019ve been imple\u00adment\u00ading more web sites recently; it appears to be one part of the tech\u00adno\u00adlogy mar\u00adket for which there is still demand. One of the things I push when I meet with cli\u00adents is access\u00adib\u00adil\u00adity, so I figured I should test my own sites and make sure they\u2019re reas\u00adon\u00adably access\u00adible. Lynx is one tool \u2026 <a href=\"https:\/\/www.laurenwood.org\/anyway\/2009\/12\/lynx-and-mod_security\/\" class=\"more-link\">Con\u00adtin\u00adue read\u00ading<span class=\"screen-reader-text\"> \u201clynx and mod_security\u201d<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"wp_typography_post_enhancements_disabled":false,"activitypub_content_warning":"","activitypub_content_visibility":"","activitypub_max_image_attachments":3,"activitypub_interaction_policy_quote":"","activitypub_status":"","footnotes":""},"categories":[6,4],"tags":[],"class_list":["post-421","post","type-post","status-publish","format-standard","hentry","category-technology","category-wp-mechanics"],"_links":{"self":[{"href":"https:\/\/www.laurenwood.org\/anyway\/wp-json\/wp\/v2\/posts\/421","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.laurenwood.org\/anyway\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.laurenwood.org\/anyway\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.laurenwood.org\/anyway\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.laurenwood.org\/anyway\/wp-json\/wp\/v2\/comments?post=421"}],"version-history":[{"count":10,"href":"https:\/\/www.laurenwood.org\/anyway\/wp-json\/wp\/v2\/posts\/421\/revisions"}],"predecessor-version":[{"id":791,"href":"https:\/\/www.laurenwood.org\/anyway\/wp-json\/wp\/v2\/posts\/421\/revisions\/791"}],"wp:attachment":[{"href":"https:\/\/www.laurenwood.org\/anyway\/wp-json\/wp\/v2\/media?parent=421"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.laurenwood.org\/anyway\/wp-json\/wp\/v2\/categories?post=421"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.laurenwood.org\/anyway\/wp-json\/wp\/v2\/tags?post=421"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}