From e8f1ccfacbc497435d53bf2fced2b076c4eba819 Mon Sep 17 00:00:00 2001 From: Max Semenik Date: Sat, 6 Aug 2011 16:39:59 +0000 Subject: [PATCH] Warn user if mod_security is present --- RELEASE-NOTES-1.19 | 1 + includes/installer/Installer.i18n.php | 2 ++ includes/installer/Installer.php | 27 +++++++++++++++++++++++++++ 3 files changed, 30 insertions(+) diff --git a/RELEASE-NOTES-1.19 b/RELEASE-NOTES-1.19 index 6827008bbc..8216cde0e0 100644 --- a/RELEASE-NOTES-1.19 +++ b/RELEASE-NOTES-1.19 @@ -26,6 +26,7 @@ production. * (bug 30160) Add public method to mw.loader to get module names from registry. * (bug 15558) Parameters to special pages included in wikitext can now be passed as with templates. +* Installer now issues a warning if mod_security is present. === Bug fixes in 1.19 === * $wgUploadNavigationUrl should be used for file redlinks if diff --git a/includes/installer/Installer.i18n.php b/includes/installer/Installer.i18n.php index 9fa42f7aaa..4f0bccd2df 100644 --- a/includes/installer/Installer.i18n.php +++ b/includes/installer/Installer.i18n.php @@ -138,6 +138,8 @@ The installation may fail!", 'config-wincache' => '[http://www.iis.net/download/WinCacheForPhp WinCache] is installed', 'config-no-cache' => "'''Warning:''' Could not find [http://eaccelerator.sourceforge.net eAccelerator], [http://www.php.net/apc APC], [http://trac.lighttpd.net/xcache/ XCache] or [http://www.iis.net/download/WinCacheForPhp WinCache]. Object caching is not enabled.", + 'config-mod-security' => "'''Warning''': your web server has [http://modsecurity.org/ mod_security] enabled. If misconfigured, it can cause problems for MediaWiki or other software that allows users to post arbitrary content. +Refer to [http://modsecurity.org/documentation/ mod_security documentation] or contact your host's support if you encounter random errors.", 'config-diff3-bad' => 'GNU diff3 not found.', 'config-imagemagick' => 'Found ImageMagick: $1. Image thumbnailing will be enabled if you enable uploads.', diff --git a/includes/installer/Installer.php b/includes/installer/Installer.php index e1fd2029a2..c29dd66935 100644 --- a/includes/installer/Installer.php +++ b/includes/installer/Installer.php @@ -97,6 +97,7 @@ abstract class Installer { 'envCheckPCRE', 'envCheckMemory', 'envCheckCache', + 'envCheckModSecurity', 'envCheckDiff3', 'envCheckGraphics', 'envCheckServer', @@ -805,6 +806,15 @@ abstract class Installer { $this->setVar( '_Caches', $caches ); } + /** + * Scare user to death if they have mod_security + */ + protected function envCheckModSecurity() { + if ( !self::apacheModulePresent( 'mod_security' ) ) { + $this->showMessage( 'config-mod-security' ); + } + } + /** * Search for GNU diff3. */ @@ -1168,6 +1178,23 @@ abstract class Installer { return false; } + /** + * Checks for presence of an Apache module. Works only if PHP is running as an Apache module, too. + * + * @param $moduleName String: Name of module to check. + * @return bool + */ + public static function apacheModulePresent( $moduleName ) { + if ( function_exists( 'apache_get_modules' ) && in_array( $moduleName, apache_get_modules() ) ) { + return true; + } + // try it the hard way + ob_start(); + phpinfo( INFO_MODULES ); + $info = ob_get_clean(); + return strpos( $info, $moduleName ) !== false; + } + /** * ParserOptions are constructed before we determined the language, so fix it * -- 2.20.1