Control Web Panel

Security => Mod_Security => Topic started by: emar on December 07, 2022, 05:48:10 AM

Title: Mod Security issue? pid 2459:tid 140698774865664
Post by: emar on December 07, 2022, 05:48:10 AM
Hi,

I have an issue where I keep getting logged out of one of my sites, wondering if this is causing it?

I'm not sure what the error is, I did disable mod security for this subdomain.

[Sun Dec 04 06:07:02.797116 2022] [:error] [pid 2459:tid 140698774865664] [client 3.44.104.50:38650] [client 3.44.104.50] ModSecurity: Warning. Found 1 byte(s) in REQUEST_HEADERS:sec-ch-ua-mobile outside range: 32,34,38,42-59,61,65-90,95,97-122. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1522"] [id "920274"] [msg "Invalid character in request headers (outside of very strict set)"] [data "REQUEST_HEADERS:sec-ch-ua-mobile=?0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "paranoia-level/4"] [hostname "sub.domain.it"] [uri "/ad1/theme/theme.css"] [unique_id "Y4w5BtDf09272i5clVjrZQAAAJI"]

Any advice appreciated

Thanks
Title: Re: Mod Security issue? pid 2459:tid 140698774865664
Post by: PakPos on December 07, 2022, 01:40:41 PM
turn off/uninstall mod
Title: Re: Mod Security issue? pid 2459:tid 140698774865664
Post by: emar on December 07, 2022, 03:28:10 PM
I disabled mod security for that subdomain.
Do I need to turn it off for the whole main domain also?

I'll give it a try but I like to keep my sites as secure as I can.
Title: Re: Mod Security issue? pid 2459:tid 140698774865664
Post by: overseer on February 10, 2023, 07:41:15 AM
You're using the OWASP ruleset. I would suggest trying the Comodo rules instead -- it will throw fewer false positives; it's not as restrictive and is more beginner-friendly.
Title: Re: Mod Security issue? pid 2459:tid 140698774865664
Post by: emar on February 10, 2023, 08:45:36 AM
Thanks, I'll try that next.
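
Added example (not part of the original thread): a small Python triage helper that parses the ModSecurity log line from the first post and works out which byte of the header value fell outside the rule's allowed range. The function names are hypothetical and the log line is the one quoted above with some tag fields omitted.

```python
import re

# Log line from the first post; some [tag ...] fields are omitted for brevity.
LOG = (
    '[Sun Dec 04 06:07:02.797116 2022] [:error] [pid 2459:tid 140698774865664] '
    '[client 3.44.104.50:38650] [client 3.44.104.50] ModSecurity: Warning. '
    'Found 1 byte(s) in REQUEST_HEADERS:sec-ch-ua-mobile outside range: '
    '32,34,38,42-59,61,65-90,95,97-122. [file "/usr/local/apache/'
    'modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] '
    '[line "1522"] [id "920274"] [msg "Invalid character in request headers '
    '(outside of very strict set)"] [data "REQUEST_HEADERS:sec-ch-ua-mobile=?0"] '
    '[severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "attack-protocol"] '
    '[tag "paranoia-level/4"] [hostname "sub.domain.it"] '
    '[uri "/ad1/theme/theme.css"]'
)

def parse_fields(line):
    """Collect the [key "value"] pairs; repeated keys (tag) become lists."""
    fields = {}
    for key, value in re.findall(r'\[(\w+) "([^"]*)"\]', line):
        fields.setdefault(key, []).append(value)
    return fields

def parse_range(spec):
    """Expand a byte-range spec such as '32,34,42-59' into a set of ints."""
    allowed = set()
    for part in spec.split(','):
        lo, _, hi = part.partition('-')
        allowed.update(range(int(lo), int(hi or lo) + 1))
    return allowed

def triage(line):
    """Summarise a byte-range warning, or return None for other log lines."""
    m = re.search(r'in (\S+) outside range: ([\d,\-]+)', line)
    fields = parse_fields(line)
    if m is None or 'data' not in fields or '=' not in fields['data'][0]:
        return None
    allowed = parse_range(m.group(2))
    value = fields['data'][0].split('=', 1)[1]  # header value as logged
    tags = fields.get('tag', [])
    level = next((int(t.split('/')[1]) for t in tags
                  if t.startswith('paranoia-level/')), None)
    return {
        'rule_id': fields['id'][0],
        'variable': m.group(1),
        'paranoia_level': level,
        'offending': [(b, chr(b)) for b in value.encode() if b not in allowed],
    }

if __name__ == '__main__':
    print(triage(LOG))
```

For this line the only offending byte is 63 (`?`), and the match comes from rule 920274, which the log tags as paranoia-level/4. A result like this is the input for a targeted exclusion (for example ModSecurity's `SecRuleUpdateTargetById` for that rule and header) rather than turning the engine off.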