Author Topic: Error 400 Forbidden, You don't have permission to access  (Read 8579 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Error 400 Forbidden, You don't have permission to access
« on: June 07, 2016, 02:16:57 PM »
Recently, i setup server Centos OS 6.7 at DigitalOcean and CWP admin. I add new domain to server.

After i up code on root (ex: /home/pmgshopm/public_html), when i run a website, it get error 400 Forbidden, You don't have permission to access and mod_rewrite not working.

I check server apache by using a command: /usr/local/apache/bin/httpd -M|grep rewrite

and get output "rewrite_module (static)".


And file error_log:

[Tue Jun 07 07:10:09 2016] [error] [client my ip] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(\\\\!\\\\=|\\\\&\\\\&|\\\\|\\\\||>>|<<|>=|<=|<>|<=>|xor|rlike|regexp|isnull)|(?:not\\\\s+between\\\\s+0\\\\s+and)|(?:is\\\\s+null)|(like\\\\s+null)|(?:(?:^|\\\\W)in[+\\\\s]*\\\\([\\\\s\\\\d\\"]+[^()]*\\\\))|(?:xor|<>|rlike(?:\\\\s+binary)?)|(?:regexp\\\\s+binary))" at REQUEST_COOKIES:wc_session_cookie_e8ae430b4278fd0697f8971d057ac977. [file "/usr/local/apache/modsecurity-crs/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "70"] [id "981319"] [rev "2"] [msg "SQL Injection Attack: SQL Operator Detected"] [data "Matched Data: || found within REQUEST_COOKIES:wc_session_cookie_e8ae430b4278fd0697f8971d057ac977: b53OZiK9ahBKZDy4qwYYaNeKhNxCcjgk||1465430992||1465427392||8ade7cc4dd384acd5996475770f034b7"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "mydomain.com"] [uri "/"] [unique_id "V1YQ4X8AAAEAAAXmBVcAAAAD"]



My  vhost file:

# vhost_start mydomain.com<VirtualHost my ip:80>
ServerName mydomain.com
ServerAlias www.mydomain.com
ServerAdmin me@gmail.com
DocumentRoot "/home/pmgshopm/public_html"
ScriptAlias /cgi-bin/ "/home/pmgshopm/public_html/cgi-bin/
#
# Custom settings are loaded below this line (if any exist)
# Include "/usr/local/apache/conf/userdata/pmgshopm/mydomain.com/*.conf

<IfModule mod_suexec.c>
        SuexecUserGroup pmgshopm pmgshopm
</IfModule>

<IfModule mod_suphp.c>
        suPHP_UserGroup pmgshopm pmgshopm
        suPHP_ConfigPath /home/pmgshopm
</IfModule>

<Directory "/home/pmgshopm/public_html">
        AllowOverride All
</Directory>

</VirtualHost>
# vhost_end Recently, i setup server Centos OS 6.7 at DigitalOcean and CWP admin. I add new domain to server.

After i up code on root (ex: /home/pmgshopm/public_html), when i run a website, it get error 400 Forbidden, You don't have permission to access and mod_rewrite not working.

I check server apache by using a command: /usr/local/apache/bin/httpd -M|grep rewrite

and get output "rewrite_module (static)".


And file error_log:

[Tue Jun 07 07:10:09 2016] [error] [client my ip] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(\\\\!\\\\=|\\\\&\\\\&|\\\\|\\\\||>>|<<|>=|<=|<>|<=>|xor|rlike|regexp|isnull)|(?:not\\\\s+between\\\\s+0\\\\s+and)|(?:is\\\\s+null)|(like\\\\s+null)|(?:(?:^|\\\\W)in[+\\\\s]*\\\\([\\\\s\\\\d\\"]+[^()]*\\\\))|(?:xor|<>|rlike(?:\\\\s+binary)?)|(?:regexp\\\\s+binary))" at REQUEST_COOKIES:wc_session_cookie_e8ae430b4278fd0697f8971d057ac977. [file "/usr/local/apache/modsecurity-crs/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "70"] [id "981319"] [rev "2"] [msg "SQL Injection Attack: SQL Operator Detected"] [data "Matched Data: || found within REQUEST_COOKIES:wc_session_cookie_e8ae430b4278fd0697f8971d057ac977: b53OZiK9ahBKZDy4qwYYaNeKhNxCcjgk||1465430992||1465427392||8ade7cc4dd384acd5996475770f034b7"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "mydomain.com"] [uri "/"] [unique_id "V1YQ4X8AAAEAAAXmBVcAAAAD"]



My  vhost file:

# vhost_start mydomain.com<VirtualHost my ip:80>
ServerName mydomain.com
ServerAlias www.mydomain.com
ServerAdmin me@gmail.com
DocumentRoot "/home/pmgshopm/public_html"
ScriptAlias /cgi-bin/ "/home/pmgshopm/public_html/cgi-bin/
#
# Custom settings are loaded below this line (if any exist)
# Include "/usr/local/apache/conf/userdata/pmgshopm/mydomain.com/*.conf

<IfModule mod_suexec.c>
        SuexecUserGroup pmgshopm pmgshopm
</IfModule>

<IfModule mod_suphp.c>
        suPHP_UserGroup pmgshopm pmgshopm
        suPHP_ConfigPath /home/pmgshopm
</IfModule>

<Directory "/home/pmgshopm/public_html">
        AllowOverride All
</Directory>

</VirtualHost>
# vhost_end mydomain.com

Offline
*****
Re: Error 400 Forbidden, You don't have permission to access
« Reply #1 on: June 07, 2016, 04:40:36 PM »
Add this id "981319" /usr/local/apache/conf/mod_sec_disabled_rules.conf

add this  :
SecRuleRemoveById 981319