Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Commit

Permalink
Add note to reverse_proxy.md about disabling Apache's mod_security2 (#…
Browse files Browse the repository at this point in the history
…8375)

This change adds a note and a few lines of configuration settings for Apache users to disable ModSecurity for Synapse's virtual hosts. With ModSecurity enabled and running with its default settings, Matrix clients are unable to send chat messages through the Synapse installation. With this change, ModSecurity can be disabled only for the Synapse virtual hosts.
  • Loading branch information
jfietkau authored Sep 23, 2020
1 parent 8998217 commit a4e63e5
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 0 deletions.
1 change: 1 addition & 0 deletions changelog.d/8375.doc
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Add note to the reverse proxy settings documentation about disabling Apache's mod_security2. Contributed by Julian Fietkau (@jfietkau).
8 changes: 8 additions & 0 deletions docs/reverse_proxy.md
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,14 @@ example.com:8448 {

**NOTE**: ensure the `nocanon` options are included.

**NOTE 2**: It appears that Synapse is currently incompatible with the ModSecurity module for Apache (`mod_security2`). If you need it enabled for other services on your web server, you can disable it for Synapse's two VirtualHosts by including the following lines before each of the two `</VirtualHost>` above:

```
<IfModule security2_module>
SecRuleEngine off
</IfModule>
```

### HAProxy

```
Expand Down

0 comments on commit a4e63e5

Please sign in to comment.