Author Topic: Error 403 on Opencart  (Read 12612 times)

0 Members and 2 Guests are viewing this topic.

Error 403 on Opencart
« on: June 25, 2019, 07:30:51 AM »
Who can faced a problem on Opencart. When I try to save changes in the settings of the modules or template, I get an error:

You don't have permission to access /admin/index.php on this server.

Fix Permissions does not help.
The files have 644 permissions, and 755 on folders.

It only helps to disable ModSecurity for the domain.
I use Comodo WAF

The last entry in the file:
Code: [Select]
[Sun Jun 23 15:44:57.234813 2019] [:error] [pid 29001:tid 139648344995584] [client]
ModSecurity: Access denied with code 403 (phase 2).
Pattern match "(?:'\\\\xbf?\\\\x22|\\\\x22\\\\xbf?'|^\\\\+?$)" at ARGS_POST:banner_image[1][0][link]. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"]
[line "199"]
[id "211290"] [rev "3"]
[msg "COMODO WAF: XSS and SQLi vulnerability|||F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"]
[hostname ""] [uri "/admin/index.php"] [unique_id "XQ90ScHhCrL7AehvkFkUHgAAANA"], referer:

Is it possible to fix this somehow without resorting to disabling ModSecurity?
Thank you in advance.
Может кто сталкивался с проблемой на Opencart. При попытки сохранить изменения в настройках модулей или шаблона получаю ошибку:

You don't have permission to access /admin/index.php on this server.

Fix Permissions не помогает.
На файлах выставлены права 644, а на папках 755.

Помогает только отключение ModSecurity для домена.
Использую Comodo WAF
Можно-ли это как то исправить не прибегая к отключению  ModSecurity?
Заранее спасибо.

VPS & Dedicated server provider with included FREE Managed support for CWP.

*** Don't allow that your server or website is down, choose hosting provider with included expert managed support for your CWP.

Re: Error 403 on Opencart
« Reply #2 on: June 26, 2019, 03:58:16 PM »
Correct, added the rule 211290 and website backed to normal. Thank you