Author Topic: Reseller panel - Login error  (Read 1167 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Reseller panel - Login error
« on: June 03, 2023, 10:30:53 AM »
Hello everyone, i have a problem with my CWP Panel, when i try to access the control panel of one reseller i can't. And when i try login whith a user login a password appears the error message "failed" in the upper right corner.

I suposed to be a problem with the Mod Security on the server, i try disable the mod security on [security > Mod Security > domains] but tstill didn't working, someone can help me with that?

That are the error_log of the specified domain account:

[Sat Jun 03 05:54:50.019466 2023] [:error] [pid 21079:tid 140398160758528] [client 000.000.000.000:00000] [client 000.000.000.000] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "POST"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "domain.com"] [uri "/wp-login.php"] [unique_id "ZHr_2ZR_hnCPUCIAxWxvxAAAAQo"]

CWPpro version: 0.9.8.1157
Apache version: Apache/2.4.48
PHP version: 7.3.33


Best regards,

Yohrannes S. Bigoli.
yohrannes.bigoli@saveincloud.com
« Last Edit: June 03, 2023, 10:35:14 AM by SaveinCloud »

Offline
****
Re: Reseller panel - Login error
« Reply #1 on: June 03, 2023, 10:56:20 PM »
Disable Mod Security altogether and the CSF firewall and see if it works then. Then work your way backwards, re-enabling and testing each part in series. Are you for sure using the OWASP ruleset with Mod Security (as it looks by the logs)? Try the Comodo ruleset, as it is more friendly as a starting point.

Offline
*
Re: Reseller panel - Login error
« Reply #2 on: June 05, 2023, 12:44:02 PM »
I disable the OWASP, changing to Comodo and disable firewall but didn't works, how i can testing each part in series exatelly can you explain me?