Author Topic: Permission to access /webftp_simple/ on this server  (Read 10869 times)

0 Members and 1 Guest are viewing this topic.

Permission to access /webftp_simple/ on this server
« on: January 19, 2016, 10:11:03 PM »

Please help.
I have a problem with File manager in the client part of the panel.
You log in as a client File Manager provides the following error ..
You do not have permission to access / webftp_simple / on this server.

How to solve this problem.

Re: Permission to access /webftp_simple/ on this server
« Reply #1 on: January 20, 2016, 05:57:19 AM »
have you checked the apache logs for error ?
AntiDDoS Protection (web + mail)

Join our Development Team and get paid !

Services Monitoring & RBL Monitoring

Do you need Fast and FREE Support included for your CWP linux server?
Installation Instructions
Get Fast Support Here

Re: Permission to access /webftp_simple/ on this server
« Reply #2 on: January 20, 2016, 09:27:13 AM »
Hi log:

Wed Jan 20 00:01:24 2016] [notice] caught SIGTERM, shutting down
[Wed Jan 20 00:01:25 2016] [warn] Init: Session Cache is not configured [hint: SSLSessionCache]
[Wed Jan 20 00:01:25 2016] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Jan 20 00:01:25 2016] [notice] suEXEC mechanism enabled (wrapper: /usr/local/apache/bin/suexec)
[Wed Jan 20 00:01:25 2016] [notice] ModSecurity for Apache/2.8.0 ( configured.
[Wed Jan 20 00:01:25 2016] [notice] ModSecurity: APR compiled version="1.5.1"; loaded version="1.5.1"
[Wed Jan 20 00:01:25 2016] [notice] ModSecurity: PCRE compiled version="7.8 "; loaded version="7.8 2008-09-05"
[Wed Jan 20 00:01:25 2016] [notice] ModSecurity: LIBXML compiled version="2.7.6"
[Wed Jan 20 00:01:25 2016] [notice] Status engine is currently disabled, enable it by set SecStatusEngine to On.
[Wed Jan 20 00:01:26 2016] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Jan 20 00:01:26 2016] [notice] Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips configured -- resuming normal operations
[Wed Jan 20 00:03:23 2016] [error] [client xxxxxxxxxx] ModSecurity: Access denied with code 403 (phase 2). Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){8,}" at REQUEST_COOKIES:expanded_dir_list. [file "/usr/local/apache/modsecurity-crs/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "157"] [id "981172"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: : found within REQUEST_COOKIES:expanded_dir_list: ::usr:local:cwpsrv:htdocs:admin:/home/home:/home/mnhost/mnhost"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "xxxxxxxxxx"] [uri "/webftp_simple/"] [unique_id "Vp6yq8KHUHkAAB1yXtkAAAAA"]
[Wed Jan 20 00:32:56 2016] [notice] caught SIGTERM, shutting down
[Wed Jan 20 00:34:25 2016] [warn] Init: Session Cache is not configured [hint: SSLSessionCache]
[Wed Jan 20 00:34:25 2016] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Jan 20 00:34:25 2016] [notice] suEXEC mechanism enabled (wrapper: /usr/local/apache/bin/suexec)
[Wed Jan 20 00:34:25 2016] [notice] ModSecurity for Apache/2.8.0 ( configured.
[Wed Jan 20 00:34:25 2016] [notice] ModSecurity: APR compiled version="1.5.1"; loaded version="1.5.1"
[Wed Jan 20 00:34:25 2016] [notice] ModSecurity: PCRE compiled version="7.8 "; loaded version="7.8 2008-09-05"
[Wed Jan 20 00:34:25 2016] [notice] ModSecurity: LIBXML compiled version="2.7.6"
[Wed Jan 20 00:34:25 2016] [notice] Status engine is currently disabled, enable it by set SecStatusEngine to On.
[Wed Jan 20 00:34:26 2016] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Jan 20 00:34:26 2016] [notice] Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips configured -- resuming normal operations
[Wed Jan 20 01:34:25 2016] [error] [client xxxxxxxxxx] File does not exist: /usr/local/apache/htdocs/admin
[Wed Jan 20 04:02:19 2016] [error] [client xxxxxxxxxx] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./]*(?::\\\\d+)?)?/[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?|options \\\\*)\\\\s+[\\\\w\\\\./]+|get /[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/usr/local/apache/modsecurity-crs/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "52"] [id "960911"] [rev "2"] [msg "Invalid HTTP Request Line"] [data "GET HTTP/1.1 HTTP/1.1"] [severity "WARNING"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_REQ"] [tag "CAPEC-272"] [hostname "xcxxxxxxxx"] [uri "HTTP/1.1"] [unique_id "xxxxxxxxxxxxxxx"]
[Wed Jan 20 04:02:19 2016] [error] [client xxxxx] script not found or unable to stat: /usr/local/apache/cgi-bin/php4
[Wed Jan 20 04:02:19 2016] [error] [client xxxxx] script not found or unable to stat: /usr/local/apache/cgi-bin/php5
[Wed Jan 20 04:02:20 2016] [error] [client xxxxxx] File does not exist: /usr/local/apache/htdocs/index.cgi
[Wed Jan 20 04:02:20 2016] [error] [client xxxxxxx] script not found or unable to stat: /usr/local/apache/cgi-bin/php
[Wed Jan 20 04:02:20 2016] [error] [client xxxxxxx] script not found or unable to stat: /usr/local/apache/cgi-bin/php5-cli
[Wed Jan 20 04:02:20 2016] [error] [client xxxxxxx] File does not exist: /usr/local/apache/htdocs/phppath
[Wed Jan 20 04:02:21 2016] [error] [client xxxxxxx] File does not exist: /usr/local/apache/htdocs/phppath
[Wed Jan 20 04:02:21 2016] [error] [client xxxxxxx] File does not exist: /usr/local/apache/htdocs/cgi-sys
[Wed Jan 20 04:02:21 2016] [error] [client xxxxxxx] script not found or unable to stat: /usr/local/apache/cgi-bin/php.fcgi
[Wed Jan 20 04:02:21 2016] [error] [client xxxxxx] script not found or unable to stat: /usr/local/apache/cgi-bin/index.cgi
« Last Edit: January 20, 2016, 11:07:44 AM by paja »

Re: Permission to access /webftp_simple/ on this server
« Reply #3 on: January 20, 2016, 06:31:37 PM »

Problem solved

Uninstall mod_security and all ok

 ;) :o

Re: Permission to access /webftp_simple/ on this server
« Reply #4 on: January 20, 2016, 11:14:31 PM »
you should leave it enabled and you can whitelist the rule id 981172
AntiDDoS Protection (web + mail)

Join our Development Team and get paid !

Services Monitoring & RBL Monitoring

Do you need Fast and FREE Support included for your CWP linux server?
Installation Instructions
Get Fast Support Here