Control Web Panel
Security => Mod_Security => Topic started by: gilliard on May 27, 2016, 10:19:45 PM
-
Hello I can not access the page after I installed mod_security, put a folder in the account and will not appear ... :'( :'( :'( :'( :'(
http://imgur.com/v0PeP9q
-
check the apache error log and find your ip, their will be a ID which you have to whitelist.
-
I did not understand, what to do?
where I find the logs?
-
I did not understand, what to do?
where I find the logs?
/usr/local/apache/logs
-
okay, what should I look for?
-
Found it:
linhasmart.tk"] [uri "/"] [unique_id "V0necn8AAAEAABpbW@cAAAAG"]
"linhasmart.tk"] [uri "/"] [unique_id "V0n2AH8AAAEAABoPTEgAAAAF"]
-
Not this one id will be like this id:200000
-
This
[id "970013"]
-
[Sun May 29 15:49:36 2016] [error] [client 186.209.253.230] ModSecurity: Access denied with code 403 (phase 4). Pattern match "(?:<(?:TITLE>Index of.*?<H|title>Index of.*?<h)1>Index of|>\\\\[To Parent Directory\\\\]<\\\\/[Aa]><br>)" at RESPONSE_BODY. [file "/usr/local/apache/modsecurity-crs/base_rules/modsecurity_crs_50_outbound.conf"] [line "136"] [id "970013"] [rev "2"] [msg "Directory Listing"] [data "Matched Data: <title>Index of /</title>\\x0a </head>\\x0a <body>\\x0a<h1>Index of found within RESPONSE_BODY: <!DOCTYPE HTML PUBLIC \\x22-//W3C//DTD HTML 3.2 Final//EN\\x22>\\x0a<html>\\x0a <head>\\x0a <title>Index of /</title>\\x0a </head>\\x0a <body>\\x0a<h1>Index of /</h1>\\x0a<ul></ul>\\x0a</body></html>\\x0a"] [severity "ERROR"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/LEAKAGE/INFO_DIRECTORY_LISTING"] [tag "WASCTC/WASC-13"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.6"] [hostname "linhasmart.tk"] [uri "/"] [unique_id "V0tH0H8AAAEAABpbXDEAAAAG"]
-
check the apache error log and find your ip, their will be a ID which you have to whitelist.
White listing his IP address works also.
-
I'm not understanding what you have to do
-
Add it in Disabled Rules --> /usr/local/apache/conf/mod_sec_disabled_rules.conf (you can just click the link in the mod security section)
Add the rule id in the file SecRuleRemoveById [the rule id you found] and click save changes.
-
Like this?
http://imgur.com/6cHuji9
-
Yes
-
It works, but the folder does not appear ... something is missing?
http://imgur.com/bWD1hzW
-
We don't give support for websites. If you have question regarding cwp you can ask.
-
yes, it is not a website is only a folder
-
yes, it is not a website is only a folder
where did you put the folder please specify the path
you need to upload all files to /home/username/public_html/
-
Yes, just have a folder
http://imgur.com/ZNseciA
-
Yes, just have a folder
http://imgur.com/ZNseciA
Pm me the server's root password and IP
-
I sent a private message
-
Problem resolved
-
Amazing! Thank you, what was the problem?
-
Amazing! Thank you, what was the problem?
.htaccess was placed in wrong location
and permission issues
-
Okay, great job, thank you.
Another doubt, I can use external mail server as zimbra?
-
Okay, great job, thank you.
Another doubt, I can use external mail server as zimbra?
I never tried it but their is a guide :
https://wiki.zimbra.com/wiki/CentOS_6.3_and_Zimbra_8_Install_Guide
-
Yes, I already installed zimbra so do not know how to configure cwp panel to direct emails to him.
-
Yes, I already installed zimbra so do not know how to configure cwp panel to direct emails to him.
is this custom request?
you need to contact cwp support team for custom requests.