Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - rolla

Pages: [1]
1
When I upload big video file 6GB via WordPress /usr/local/apache/logs/modsec_audit.log grow up with the same size what was the uploaded file

Audit log level is on: Only log noteworthy transactions.

As I understand in that log file goes all binary data that I uploaded.

Some of lines from logfile:
Code: [Select]
[Mon Jun 20 00:05:52.448489 2022] [:error] [pid 24801:tid 139940270749440] [client 10.10.120.6:44098] [client 10.10.120.6] ModSecurity: Warning. Pattern match "((?:[~!@#\\\\$%\\\\^&\\\\*\\\\(\\\\)\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\|:;\\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>][^~!@#\\\\$%\\\\^&\\\\*\\\\(\\\\)\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\|:;\\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>]*?){8})" at REQUEST_COOKIES:wp-settings-1. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "1384"] [id "942420"] [msg "Restricted SQL Character Anomaly Detection (cookies): # of special characters exceeded ("] [data "Matched Data: =tinymce&libraryContent=browse&imgsize=large&advImgDetails=show& found within REQUEST_COOKIES:wp-settings-1: editor=tinymce&libraryContent=browse&imgsize=large&advImgDetails=show&hidetb=0&uploader=1&urlbutton=post"] [severity "WARNING"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [tag "paranoia-level/3"] [hostname "mysuperdomain.lv"] [uri "/wp-admin/admin-ajax.php"] [unique_id "Yq-PsB_fetPJ8REDDkdM1gAAAAE"], referer: https://mysuperdomain.lv/wp-admin/upload.php
[Mon Jun 20 00:05:52.448438 2022] [:error] [pid 24801:tid 139940270749440] [client 10.10.120.6:44098] [client 10.10.120.6] ModSecurity: Warning. Pattern match "((?:[~!@#\\\\$%\\\\^&\\\\*\\\\(\\\\)\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\|:;\\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>][^~!@#\\\\$%\\\\^&\\\\*\\\\(\\\\)\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\|:;\\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>]*?){8})" at REQUEST_COOKIES:moove_gdpr_popup. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "1384"] [id "942420"] [msg "Restricted SQL Character Anomaly Detection (cookies): # of special characters exceeded ("] [data "Matched Data: {\\x22strict\\x22:\\x221\\x22,\\x22thirdparty\\x22 found within REQUEST_COOKIES:moove_gdpr_popup: {\\x22strict\\x22:\\x221\\x22,\\x22thirdparty\\x22:\\x221\\x22,\\x22advanced\\x22:\\x221\\x22}"] [severity "WARNING"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [tag "paranoia-level/3"] [hostname "mysuperdomain.lv"] [uri "/wp-admin/admin-ajax.php"] [unique_id "Yq-PsB_fetPJ8REDDkdM1gAAAAE"], referer: https://mysuperdomain.lv/wp-admin/upload.php

mod_security settings


Any suggestion on how to fix this?

2
How to / How can i connect my netdata node to app.netdata.cloud
« on: January 16, 2022, 06:43:04 PM »
Hello I want to claim my node to app.netdata.cloud but when I execute command from app.netdata.cloud cwp throws error

Code: [Select]

bash <(curl -Ss https://my-netdata.io/kickstart.sh) --claim-token sometoken-sometoken-sometoken --claim-rooms roomid-d2f5-4b36-9d9d-roomid --claim-url https://app.netdata.cloud

--- Found existing install of Netdata under: / ---
 --- Attempting to claim agent to https://app.netdata.cloud ---
/dev/fd/63: line 396: /usr/sbin/netdata-claim.sh: No such file or directory
 FAILED 

Also I tried search file on all system but no luck
Code: [Select]
find / -iname "*netdata-claim.sh"

Pages: [1]