Author Topic: Mod Security issues  (Read 11293 times)


Mod Security issues
« on: October 23, 2014, 01:27:31 AM »
I enabled Mod Security.

I use the Joomla! CMS.

I can't save or close when editing content.
It shows a 403:

You don't have permission to access /administrator/index.php on this server.
Error log:
Code:
[Thu Oct 23 08:04:13 2014] [error] [client] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*?)\\\\b([\\\\d\\\\w]++)([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*?)(?:(?:=|<=>|r?like|sounds\\\\s+like|regexp)([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*?)\\\\2\\\\b|(?:!=|<=|>=|<>|<|>|\\\\^|is\\\\s+not ..." at ARGS:jform[articletext]. [file "/usr/local/apache/modsecurity-crs/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "77"] [id "950901"] [rev "2"] [msg "SQL Injection Attack: SQL Tautology Detected."] [data "Matched Data: p>sss found within ARGS:jform[articletext]:

"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname ""] [uri "/administrator/index.php"] [unique_id "VEjuvX8AAAEAACq27rsAAAAD"]

Re: Mod Security issues
« Reply #1 on: October 23, 2014, 10:03:10 PM »
Using the Mod Security module in CWP, you can manually whitelist rules.

In your example, the rule ID is [id "950901"]:
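An added example, not part of the thread or of CWP's own configuration: the whitelisting described in Reply #1 written as ModSecurity 2.x directives, with the global removal of rule 950901 shown beside a narrower exclusion limited to the parameter and URI named in the error log. The local rule id 1000001 and the placement of these lines in a custom rules file are assumptions.

```apache
# Added example (not from the thread). Rule id, parameter and URI are taken
# from the error log in the first post.

# Broad option, shown for contrast: switches rule 950901 off for every
# request and every parameter on the server, so the SQL tautology check is
# lost site-wide. Must be loaded after the CRS file that defines 950901.
#SecRuleRemoveById 950901

# Narrower option: rule 950901 stays active everywhere, but for requests to
# /administrator/index.php it no longer inspects ARGS:jform[articletext],
# the article body field that triggered the false positive.
# It runs in phase 1, before 950901 is evaluated in phase 2.
# id:1000001 is a constructed local id; use any id not already in use.
SecRule REQUEST_FILENAME "@streq /administrator/index.php" "id:1000001,phase:1,t:none,nolog,pass,ctl:ruleRemoveTargetById=950901;ARGS:jform[articletext]"
```

After reloading Apache, saving an article should succeed, and the rest of the SQL injection rule set still applies to that field.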