1
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: November 16, 2024, 06:29:50 PM »
Yes, it worked after disabling SecRuleRemoveById 218500, but the Comodo WAF rules keep switching back to 1.240 automatically after a while. I do update to 1.241 and it shows for a while, but then it reverts back to 1.240.
2
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: November 16, 2024, 03:11:50 AM »
[Sat Nov 16 04:08:49.493070 2024] [:error] [pid 1333365:tid 1333386] [client 182.183.59.223:63036] [client 182.183.59.223] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(\\\\!\\\\=|\\\\&\\\\&|\\\\|\\\\||>>|<<|>=|<=|<>|<=>|xor|rlike|regexp|isnull)|(?:not\\\\s+between\\\\s+0\\\\s+and)|(?:is\\\\s+null)|(like\\\\s+null)|(??:^|\\\\W)in[+\\\\s]*\\\\([\\\\s\\\\d\\"]+[^()]*\\\\))|(?:xor|<>|rlike(?:\\\\s+binary)?)|(?:regexp\\\\s+binary))" at REQUEST_COOKIES:sbjs_current_add. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "70"] [id "981319"] [rev "2"] [msg "SQL Injection Attack: SQL Operator Detected"] [data "Matched Data: || found within REQUEST_COOKIES:sbjs_current_add: fd=2024-11-16 02:48:21|||ep=https://fizascollection.co.uk/|||rf=(none)"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "fizascollection.co.uk"] [uri "/favicon.ico"] [unique_id "ZzgMwaSdHEb44HSsRSRFyAAAAEA"], referer: https://fizascollection.co.uk/
[Sat Nov 16 04:08:48.967452 2024] [:error] [pid 1333365:tid 1333390] [client 182.183.59.223:63036] [client 182.183.59.223] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(\\\\!\\\\=|\\\\&\\\\&|\\\\|\\\\||>>|<<|>=|<=|<>|<=>|xor|rlike|regexp|isnull)|(?:not\\\\s+between\\\\s+0\\\\s+and)|(?:is\\\\s+null)|(like\\\\s+null)|(??:^|\\\\W)in[+\\\\s]*\\\\([\\\\s\\\\d\\"]+[^()]*\\\\))|(?:xor|<>|rlike(?:\\\\s+binary)?)|(?:regexp\\\\s+binary))" at REQUEST_COOKIES:sbjs_current_add. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "70"] [id "981319"] [rev "2"] [msg "SQL Injection Attack: SQL Operator Detected"] [data "Matched Data: || found within REQUEST_COOKIES:sbjs_current_add: fd=2024-11-16 02:48:21|||ep=https://fizascollection.co.uk/|||rf=(none)"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "fizascollection.co.uk"] [uri "/"] [unique_id "ZzgMwKSdHEb44HSsRSRFxwAAAEI"]
3
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: November 16, 2024, 02:55:06 AM »
The Comodo fix was for WooCommerce.
What rule does the WAF show is being triggered by WordPress?
Haven't seen any conflict with Comodo and WordPress on AL8 or AL9.

I am using AlmaLinux 9 with the Comodo WAF rules that you shared, i.e. installed version: 1.241.
It's blocking all WordPress websites: only the main page opens, and if I click on any other link or page on the site, it blocks. See the logs below if you can figure out what's wrong.
[Sat Nov 16 03:50:54.257704 2024] [:error] [pid 1330522:tid 1330564] [client 182.183.59.223:64832] [client 182.183.59.223] ModSecurity: Access denied with code 403 (phase 2). Pattern match "[\\\\[\\\\]\\\\x22',()\\\\.]{10}$|\\\\b(?:union\\\\sall\\\\sselect\\\\s(??:null|\\\\d+),?)+|order\\\\sby\\\\s\\\\d{1,4}|(?:and|or)\\\\s\\\\d{4}=\\\\d{4}|waitfor\\\\sdelay\\\\s'\\\\d+:\\\\d+:\\\\d+'|(?:select|and|or)\\\\s(??:pg_)?sleep\\\\(\\\\d+\\\\)|\\\\d+\\\\s?=\\\\s?(?:dbms_pipe\\\\.receive_message\\\\ ..." at REQUEST_COOKIES:sbjs_current_add. [file "/usr/local/apache/modsecurity-cwaf/rules/22_SQL_SQLi.conf"] [line "66"] [id "218500"] [rev "18"] [msg "COMODO WAF: SQLmap attack detected||karimsonline.com|F|2"] [data "Matched Data: |||rf=(none) found within REQUEST_COOKIES:sbjs_current_add: fd=2024-11-16 02:48:33|||ep=https:/karimsonline.com/|||rf=(none)"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "karimsonline.com"] [uri "/wp-content/plugins/burst-statistics/endpoint.php"] [unique_id "ZzgIjkgvZjUGsoby_ov1fQAAAIQ"], referer: https://karimsonline.com/
[Sat Nov 16 03:50:54.020822 2024] [:error] [pid 1330522:tid 1330563] [client 182.183.59.223:64832] [client 182.183.59.223] ModSecurity: Access denied with code 403 (phase 2). Pattern match "[\\\\[\\\\]\\\\x22',()\\\\.]{10}$|\\\\b(?:union\\\\sall\\\\sselect\\\\s(??:null|\\\\d+),?)+|order\\\\sby\\\\s\\\\d{1,4}|(?:and|or)\\\\s\\\\d{4}=\\\\d{4}|waitfor\\\\sdelay\\\\s'\\\\d+:\\\\d+:\\\\d+'|(?:select|and|or)\\\\s(??:pg_)?sleep\\\\(\\\\d+\\\\)|\\\\d+\\\\s?=\\\\s?(?:dbms_pipe\\\\.receive_message\\\\ ..." at REQUEST_COOKIES:sbjs_current_add. [file "/usr/local/apache/modsecurity-cwaf/rules/22_SQL_SQLi.conf"] [line "66"] [id "218500"] [rev "18"] [msg "COMODO WAF: SQLmap attack detected||karimsonline.com|F|2"] [data "Matched Data: |||rf=(none) found within REQUEST_COOKIES:sbjs_current_add: fd=2024-11-16 02:48:33|||ep=https:/karimsonline.com/|||rf=(none)"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "karimsonline.com"] [uri "/"] [unique_id "ZzgIjkgvZjUGsoby_ov1fAAAAIM"], referer: https://karimsonline.com/
[Sat Nov 16 03:50:52.725801 2024] [:error] [pid 1330522:tid 1330562] [client 182.183.59.223:64832] [client 182.183.59.223] ModSecurity: Access denied with code 403 (phase 2). Pattern match "[\\\\[\\\\]\\\\x22',()\\\\.]{10}$|\\\\b(?:union\\\\sall\\\\sselect\\\\s(??:null|\\\\d+),?)+|order\\\\sby\\\\s\\\\d{1,4}|(?:and|or)\\\\s\\\\d{4}=\\\\d{4}|waitfor\\\\sdelay\\\\s'\\\\d+:\\\\d+:\\\\d+'|(?:select|and|or)\\\\s(??:pg_)?sleep\\\\(\\\\d+\\\\)|\\\\d+\\\\s?=\\\\s?(?:dbms_pipe\\\\.receive_message\\\\ ..." at REQUEST_COOKIES:sbjs_current_add. [file "/usr/local/apache/modsecurity-cwaf/rules/22_SQL_SQLi.conf"] [line "66"] [id "218500"] [rev "18"] [msg "COMODO WAF: SQLmap attack detected||karimsonline.com|F|2"] [data "Matched Data: |||rf=(none) found within REQUEST_COOKIES:sbjs_current_add: fd=2024-11-16 02:48:33|||ep=https:/karimsonline.com/|||rf=(none)"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "karimsonline.com"] [uri "/"] [unique_id "ZzgIjEgvZjUGsoby_ov1ewAAAII"], referer: https://karimsonline.com/
[Sat Nov 16 03:50:46.468741 2024] [:error] [pid 1330502:tid 1330505] [client 182.183.59.223:64830] [client 182.183.59.223] ModSecurity: Access denied with code 403 (phase 2). Pattern match "[\\\\[\\\\]\\\\x22',()\\\\.]{10}$|\\\\b(?:union\\\\sall\\\\sselect\\\\s(??:null|\\\\d+),?)+|order\\\\sby\\\\s\\\\d{1,4}|(?:and|or)\\\\s\\\\d{4}=\\\\d{4}|waitfor\\\\sdelay\\\\s'\\\\d+:\\\\d+:\\\\d+'|(?:select|and|or)\\\\s(??:pg_)?sleep\\\\(\\\\d+\\\\)|\\\\d+\\\\s?=\\\\s?(?:dbms_pipe\\\\.receive_message\\\\ ..." at REQUEST_COOKIES:sbjs_current_add. [file "/usr/local/apache/modsecurity-cwaf/rules/22_SQL_SQLi.conf"] [line "66"] [id "218500"] [rev "18"] [msg "COMODO WAF: SQLmap attack detected||karimsonline.com|F|2"] [data "Matched Data: |||rf=(none) found within REQUEST_COOKIES:sbjs_current_add: fd=2024-11-16 02:48:33|||ep=https:/karimsonline.com/|||rf=(none)"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "karimsonline.com"] [uri "/blog/"] [unique_id "ZzgIhpCaZKKW28uOR-L7sQAAAAA"]
[Sat Nov 16 03:48:36.874131 2024] [:error] [pid 1330019:tid 1330074] [client 182.183.59.223:64816] [client 182.183.59.223] ModSecurity: Access denied with code 403 (phase 2). Pattern match "[\\\\[\\\\]\\\\x22',()\\\\.]{10}$|\\\\b(?:union\\\\sall\\\\sselect\\\\s(??:null|\\\\d+),?)+|order\\\\sby\\\\s\\\\d{1,4}|(?:and|or)\\\\s\\\\d{4}=\\\\d{4}|waitfor\\\\sdelay\\\\s'\\\\d+:\\\\d+:\\\\d+'|(?:select|and|or)\\\\s(??:pg_)?sleep\\\\(\\\\d+\\\\)|\\\\d+\\\\s?=\\\\s?(?:dbms_pipe\\\\.receive_message\\\\ ..." at REQUEST_COOKIES:sbjs_current_add. [file "/usr/local/apache/modsecurity-cwaf/rules/22_SQL_SQLi.conf"] [line "66"] [id "218500"] [rev "18"] [msg "COMODO WAF: SQLmap attack detected||karimsonline.com|F|2"] [data "Matched Data: |||rf=(none) found within REQUEST_COOKIES:sbjs_current_add: fd=2024-11-16 02:48:33|||ep=https:/karimsonline.com/|||rf=(none)"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "karimsonline.com"] [uri "/wp-content/plugins/burst-statistics/endpoint.php"] [unique_id "ZzgIBLel4_HzjjsBKm1tKwAAAIo"], referer: https://karimsonline.com/
[Sat Nov 16 03:48:36.672057 2024] [:error] [pid 1330019:tid 1330064] [client 182.183.59.223:64816] [client 182.183.59.223] ModSecurity: Access denied with code 403 (phase 2). Pattern match "[\\\\[\\\\]\\\\x22',()\\\\.]{10}$|\\\\b(?:union\\\\sall\\\\sselect\\\\s(??:null|\\\\d+),?)+|order\\\\sby\\\\s\\\\d{1,4}|(?:and|or)\\\\s\\\\d{4}=\\\\d{4}|waitfor\\\\sdelay\\\\s'\\\\d+:\\\\d+:\\\\d+'|(?:select|and|or)\\\\s(??:pg_)?sleep\\\\(\\\\d+\\\\)|\\\\d+\\\\s?=\\\\s?(?:dbms_pipe\\\\.receive_message\\\\ ..." at REQUEST_COOKIES:sbjs_current_add. [file "/usr/local/apache/modsecurity-cwaf/rules/22_SQL_SQLi.conf"] [line "66"] [id "218500"] [rev "18"] [msg "COMODO WAF: SQLmap attack detected||karimsonline.com|F|2"] [data "Matched Data: |||rf=(none) found within REQUEST_COOKIES:sbjs_current_add: fd=2024-11-16 02:48:33|||ep=https:/karimsonline.com/|||rf=(none)"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "karimsonline.com"] [uri "/blog/"] [unique_id "ZzgIBLel4_HzjjsBKm1tKgAAAIA"], referer: https://karimsonline.com/
[Sat Nov 16 03:48:35.337429 2024] [:error] [pid 1330095:tid 1330097] [client 182.183.59.223:64812] [client 182.183.59.223] ModSecurity: Access denied with code 403 (phase 2). Pattern match "[\\\\[\\\\]\\\\x22',()\\\\.]{10}$|\\\\b(?:union\\\\sall\\\\sselect\\\\s(??:null|\\\\d+),?)+|order\\\\sby\\\\s\\\\d{1,4}|(?:and|or)\\\\s\\\\d{4}=\\\\d{4}|waitfor\\\\sdelay\\\\s'\\\\d+:\\\\d+:\\\\d+'|(?:select|and|or)\\\\s(??:pg_)?sleep\\\\(\\\\d+\\\\)|\\\\d+\\\\s?=\\\\s?(?:dbms_pipe\\\\.receive_message\\\\ ..." at REQUEST_COOKIES:sbjs_current_add. [file "/usr/local/apache/modsecurity-cwaf/rules/22_SQL_SQLi.conf"] [line "66"] [id "218500"] [rev "18"] [msg "COMODO WAF: SQLmap attack detected||karimsonline.com|F|2"] [data "Matched Data: |||rf=(none) found within REQUEST_COOKIES:sbjs_current_add: fd=2024-11-16 02:48:33|||ep=https:/karimsonline.com/|||rf=(none)"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "karimsonline.com"] [uri "/wp-content/uploads/2024/07/WhatsApp-Video-2024-07-03-at-1.45.39-PM.mp4"] [unique_id "ZzgIA_A-4WHASGySwtqn9gAAAMA"], referer: https://karimsonline.com/
[Sat Nov 16 03:48:34.872764 2024] [:error] [pid 1330019:tid 1330072] [client 182.183.59.223:64816] [client 182.183.59.223] ModSecurity: Access denied with code 403 (phase 2). Pattern match "[\\\\[\\\\]\\\\x22',()\\\\.]{10}$|\\\\b(?:union\\\\sall\\\\sselect\\\\s(??:null|\\\\d+),?)+|order\\\\sby\\\\s\\\\d{1,4}|(?:and|or)\\\\s\\\\d{4}=\\\\d{4}|waitfor\\\\sdelay\\\\s'\\\\d+:\\\\d+:\\\\d+'|(?:select|and|or)\\\\s(??:pg_)?sleep\\\\(\\\\d+\\\\)|\\\\d+\\\\s?=\\\\s?(?:dbms_pipe\\\\.receive_message\\\\ ..." at REQUEST_COOKIES:sbjs_current_add. [file "/usr/local/apache/modsecurity-cwaf/rules/22_SQL_SQLi.conf"] [line "66"] [id "218500"] [rev "18"] [msg "COMODO WAF: SQLmap attack detected||karimsonline.com|F|2"] [data "Matched Data: |||rf=(none) found within REQUEST_COOKIES:sbjs_current_add: fd=2024-11-16 02:48:33|||ep=https:/karimsonline.com/|||rf=(none)"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "karimsonline.com"] [uri "/wp-content/uploads/elementor/css/post-8371.css"] [unique_id "ZzgIArel4_HzjjsBKm1tKQAAAIg"], referer: https://karimsonline.com/
[Sat Nov 16 03:48:34.846642 2024] [:error] [pid 1330095:tid 1330120] [client 182.183.59.223:64812] [client 182.183.59.223] ModSecurity: Access denied with code 403 (phase 2). Pattern match "[\\\\[\\\\]\\\\x22',()\\\\.]{10}$|\\\\b(?:union\\\\sall\\\\sselect\\\\s(??:null|\\\\d+),?)+|order\\\\sby\\\\s\\\\d{1,4}|(?:and|or)\\\\s\\\\d{4}=\\\\d{4}|waitfor\\\\sdelay\\\\s'\\\\d+:\\\\d+:\\\\d+'|(?:select|and|or)\\\\s(??:pg_)?sleep\\\\(\\\\d+\\\\)|\\\\d+\\\\s?=\\\\s?(?:dbms_pipe\\\\.receive_message\\\\ ..." at REQUEST_COOKIES:sbjs_current_add. [file "/usr/local/apache/modsecurity-cwaf/rules/22_SQL_SQLi.conf"] [line "66"] [id "218500"] [rev "18"] [msg "COMODO WAF: SQLmap attack detected||karimsonline.com|F|2"] [data "Matched Data: |||rf=(none) found within REQUEST_COOKIES:sbjs_current_add: fd=2024-11-16 02:48:33|||ep=https:/karimsonline.com/|||rf=(none)"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "karimsonline.com"] [uri "/"] [unique_id "ZzgIAvA-4WHASGySwtqn9QAAANc"], referer: https://karimsonline.com/
[Sat Nov 16 03:48:34.698242 2024] [:error] [pid 1330007:tid 1330042] [client 182.183.59.223:64811] [client 182.183.59.223] ModSecurity: Access denied with code 403 (phase 2). Pattern match "[\\\\[\\\\]\\\\x22',()\\\\.]{10}$|\\\\b(?:union\\\\sall\\\\sselect\\\\s(??:null|\\\\d+),?)+|order\\\\sby\\\\s\\\\d{1,4}|(?:and|or)\\\\s\\\\d{4}=\\\\d{4}|waitfor\\\\sdelay\\\\s'\\\\d+:\\\\d+:\\\\d+'|(?:select|and|or)\\\\s(??:pg_)?sleep\\\\(\\\\d+\\\\)|\\\\d+\\\\s?=\\\\s?(?:dbms_pipe\\\\.receive_message\\\\ ..." at REQUEST_COOKIES:sbjs_current_add. [file "/usr/local/apache/modsecurity-cwaf/rules/22_SQL_SQLi.conf"] [line "66"] [id "218500"] [rev "18"] [msg "COMODO WAF: SQLmap attack detected||karimsonline.com|F|2"] [data "Matched Data: |||rf=(none) found within REQUEST_COOKIES:sbjs_current_add: fd=2024-11-16 02:48:33|||ep=https:/karimsonline.com/|||rf=(none)"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "karimsonline.com"] [uri "/wp-includes/images/w-logo-blue-white-bg.png"] [unique_id "ZzgIAnBkV9IysqCAxkWtOgAAAEk"], referer: https://karimsonline.com/
[Sat Nov 16 03:48:34.632827 2024] [:error] [pid 1330095:tid 1330119] [client 182.183.59.223:64803] [client 182.183.59.223] ModSecurity: Access denied with code 403 (phase 2). Pattern match "[\\\\[\\\\]\\\\x22',()\\\\.]{10}$|\\\\b(?:union\\\\sall\\\\sselect\\\\s(??:null|\\\\d+),?)+|order\\\\sby\\\\s\\\\d{1,4}|(?:and|or)\\\\s\\\\d{4}=\\\\d{4}|waitfor\\\\sdelay\\\\s'\\\\d+:\\\\d+:\\\\d+'|(?:select|and|or)\\\\s(??:pg_)?sleep\\\\(\\\\d+\\\\)|\\\\d+\\\\s?=\\\\s?(?:dbms_pipe\\\\.receive_message\\\\ ..." at REQUEST_COOKIES:sbjs_current_add. [file "/usr/local/apache/modsecurity-cwaf/rules/22_SQL_SQLi.conf"] [line "66"] [id "218500"] [rev "18"] [msg "COMODO WAF: SQLmap attack detected||karimsonline.com|F|2"] [data "Matched Data: |||rf=(none) found within REQUEST_COOKIES:sbjs_current_add: fd=2024-11-16 02:48:33|||ep=https:/karimsonline.com/|||rf=(none)"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "karimsonline.com"] [uri "/favicon.ico"] [unique_id "ZzgIAvA-4WHASGySwtqn9AAAANY"], referer: https://karimsonline.com/
[Sat Nov 16 03:48:34.406136 2024] [:error] [pid 1330095:tid 1330113] [client 182.183.59.223:64803] [client 182.183.59.223] ModSecurity: Access denied with code 403 (phase 2). Pattern match "[\\\\[\\\\]\\\\x22',()\\\\.]{10}$|\\\\b(?:union\\\\sall\\\\sselect\\\\s(??:null|\\\\d+),?)+|order\\\\sby\\\\s\\\\d{1,4}|(?:and|or)\\\\s\\\\d{4}=\\\\d{4}|waitfor\\\\sdelay\\\\s'\\\\d+:\\\\d+:\\\\d+'|(?:select|and|or)\\\\s(??:pg_)?sleep\\\\(\\\\d+\\\\)|\\\\d+\\\\s?=\\\\s?(?:dbms_pipe\\\\.receive_message\\\\ ..." at REQUEST_COOKIES:sbjs_current_add. [file "/usr/local/apache/modsecurity-cwaf/rules/22_SQL_SQLi.conf"] [line "66"] [id "218500"] [rev "18"] [msg "COMODO WAF: SQLmap attack detected||karimsonline.com|F|2"] [data "Matched Data: |||rf=(none) found within REQUEST_COOKIES:sbjs_current_add: fd=2024-11-16 02:48:33|||ep=https:/karimsonline.com/|||rf=(none)"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "karimsonline.com"] [uri "/wp-content/plugins/burst-statistics/endpoint.php"] [unique_id "ZzgIAvA-4WHASGySwtqn8wAAANA"], referer: https://karimsonline.com/
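The following is an added example, not code from the forum posts or from the Comodo or OWASP rule sets: it triages ModSecurity 2.x error-log lines of the kind pasted above, separates rules that denied requests from rules that only logged a warning, and proposes a per-cookie `SecRuleUpdateTargetById` exclusion when one cookie trips a rule across many URIs. The sample lines, hosts, IPs and rule id 999999 are constructed; 218500, 911100 and `sbjs_current_add` come from the posts.

```python
import re
from collections import defaultdict

ACTION_RE = re.compile(r'ModSecurity: (Access denied|Warning)')
FIELD_RE = re.compile(r'\[(id|uri|hostname) "([^"]*)"\]')
# Matched variable: '... " at REQUEST_COOKIES:name. [file' or 'against "VAR" required'
TARGET_RE = re.compile(r'" at ([A-Z_]+(?::[^\s\]]+?)?)\. \[|against "([^"]+)" required')


def parse_line(line):
    """Return one event dict for a ModSecurity error-log line, or None."""
    action = ACTION_RE.search(line)
    if not action:
        return None
    fields = dict(FIELD_RE.findall(line))
    if "id" not in fields:
        return None
    t = TARGET_RE.search(line)
    target = (t.group(1) or t.group(2)) if t else "unknown"
    return {
        "blocked": action.group(1) == "Access denied",
        "id": fields["id"],
        "target": target,
        "uri": fields.get("uri", ""),
        "host": fields.get("hostname", ""),
    }


def triage(lines):
    """Group events by (rule id, matched variable)."""
    stats = defaultdict(lambda: {"blocked": 0, "warned": 0, "uris": set()})
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue
        s = stats[(ev["id"], ev["target"])]
        s["blocked" if ev["blocked"] else "warned"] += 1
        s["uris"].add(ev["uri"])
    return dict(stats)


def suggest_exclusions(stats, min_uris=3):
    """A cookie that gets requests denied on many unrelated URIs (pages and
    static assets alike) is a false-positive candidate. Propose removing only
    that cookie from only that rule; the rule keeps inspecting everything else."""
    out = []
    for (rule_id, target), s in sorted(stats.items()):
        if (s["blocked"] and target.startswith("REQUEST_COOKIES:")
                and len(s["uris"]) >= min_uris):
            out.append('SecRuleUpdateTargetById %s "!%s"' % (rule_id, target))
    return out


def detection_only(stats):
    """Rule ids that matched (Warning) but never denied a request themselves."""
    blocked = {rid for (rid, _), s in stats.items() if s["blocked"]}
    warned = {rid for (rid, _), s in stats.items() if s["warned"]}
    return sorted(warned - blocked)


def _sample(action, where, rule_id, uri):
    # Constructed line in the same layout as the pasted logs (placeholder values).
    return (f'[Sat Nov 16 03:48:34.000000 2024] [:error] [pid 1:tid 2] '
            f'[client 192.0.2.10:50000] ModSecurity: {action} {where} '
            f'[file "/placeholder.conf"] [line "1"] [id "{rule_id}"] '
            f'[msg "constructed"] [hostname "shop.example"] [uri "{uri}"] '
            f'[unique_id "x"]')


DENY = "Access denied with code 403 (phase 2)."
WARN = "Warning."
COOKIE_HIT = 'Pattern match "x" at REQUEST_COOKIES:sbjs_current_add.'
METHOD_HIT = 'Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required.'

SAMPLE = [
    _sample(DENY, COOKIE_HIT, "218500", "/"),
    _sample(DENY, COOKIE_HIT, "218500", "/favicon.ico"),
    _sample(DENY, COOKIE_HIT, "218500", "/blog/"),
    _sample(DENY, COOKIE_HIT, "218500", "/"),
    # Single URI, request argument: not enough evidence for an exclusion.
    _sample(DENY, 'Pattern match "x" at ARGS:q.', "999999", "/search"),
    _sample(WARN, METHOD_HIT, "911100", "/"),
    _sample(WARN, METHOD_HIT, "911100", "/assets/style.css"),
    "unrelated line",
]

if __name__ == "__main__":
    stats = triage(SAMPLE)
    for (rule_id, target), s in sorted(stats.items()):
        print(rule_id, target, "blocked=%d warned=%d uris=%d"
              % (s["blocked"], s["warned"], len(s["uris"])))
    print("suggested:", suggest_exclusions(stats))
    print("warning-only rules:", detection_only(stats))
```

A target exclusion stops one rule from inspecting one cookie, whereas `SecRuleRemoveById` turns the rule off for every input; review the cookie's real contents before applying either.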
4
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: November 15, 2024, 10:06:32 AM »
I switched back to the latest OWASP rules, but they are not blocking malicious attempts. I can see in the logs that it's detecting, but the attempt is not blocked.
On the other hand, the Comodo WAF rules keep blocking everything. Before the last update everything was fine and the Comodo WAF rules were the best.
5
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: November 15, 2024, 09:49:04 AM »
I just updated the rules to version 1.241, but same issue: all WordPress sites are being blocked. Only the first page opens, and if I click on any other link on a WordPress website, it's blocked by a Comodo WAF rule.
6
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: November 15, 2024, 09:35:19 AM »
I'm guessing your country code is PK?
That's probably why you can't connect.
Try the link now.

Yes, it's working now, and thanks a lot for your help.
So should I just unzip all files to the /usr/local/apache/modsecurity-cwaf/rules location on my server, and that's it? Will it update and install the new rules automatically, or do I have to remove the old rule files from this location first?
7
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: November 15, 2024, 07:24:19 AM »
I switched to the latest OWASP WAF, but that doesn't seem to be triggering rules: I tried the following, but instead of blocking, it opens the website normally.
https://droppy.pk/?SELECT * FROM mysql.users
or
http://droppy.pk/?test=/etc/passwd
And in the logs I get this:
-----------------------------------------------------------------------------
[Fri Nov 15 08:22:54.697941 2024] [:error] [pid 1240692:tid 1240745] [client 182.183.59.223:49493] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/handler/getjstranslation"] [unique_id "Zzb2zmxzeCbNjj3Zw9xjvgAAAIs"], referer: https://droppy.pk/?SELECT%20*%20FROM%20mysql.users
[Fri Nov 15 08:22:54.697362 2024] [:error] [pid 1240692:tid 1240745] [client 182.183.59.223:49493] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/handler/getjstranslation"] [unique_id "Zzb2zmxzeCbNjj3Zw9xjvgAAAIs"], referer: https://droppy.pk/?SELECT%20*%20FROM%20mysql.users
[Fri Nov 15 08:22:54.168467 2024] [:error] [pid 1240692:tid 1240750] [client 182.183.59.223:49493] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/css/style.css"] [unique_id "Zzb2zmxzeCbNjj3Zw9xjvQAAAI0"], referer: https://droppy.pk/?SELECT%20*%20FROM%20mysql.users
[Fri Nov 15 08:22:54.167868 2024] [:error] [pid 1240692:tid 1240750] [client 182.183.59.223:49493] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/themes/modern/css/style.css"] [unique_id "Zzb2zmxzeCbNjj3Zw9xjvQAAAI0"], referer: https://droppy.pk/?SELECT%20*%20FROM%20mysql.users
[Fri Nov 15 08:22:53.797438 2024] [:error] [pid 1242044:tid 1242048] [client 182.183.59.223:49492] [client 182.183.59.223] ModSecurity: Warning. Found 4 byte(s) in ARGS_NAMES:SELECT * FROM mysql.users outside range: 38,44-46,48-58,61,65-90,95,97-122. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1501"] [id "920273"] [msg "Invalid character in request (outside of very strict set)"] [data "ARGS_NAMES:SELECT * FROM mysql.users=SELECT * FROM mysql.users"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "paranoia-level/4"] [hostname "droppy.pk"] [uri "/"] [unique_id "Zzb2zV2B16OYtZuRIUyWzwAAAMI"]
[Fri Nov 15 08:22:53.797161 2024] [:error] [pid 1242044:tid 1242048] [client 182.183.59.223:49492] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/"] [unique_id "Zzb2zV2B16OYtZuRIUyWzwAAAMI"]
[Fri Nov 15 08:22:53.796455 2024] [:error] [pid 1242044:tid 1242048] [client 182.183.59.223:49492] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/"] [unique_id "Zzb2zV2B16OYtZuRIUyWzwAAAMI"]
[Fri Nov 15 08:22:25.022988 2024] [:error] [pid 1240690:tid 1240715] [client 182.183.59.223:49486] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/backgrounds/default_1.jpg"] [unique_id "Zzb2sRFWEN9VqJUDmOxF9gAAABU"], referer: http://droppy.pk/
[Fri Nov 15 08:22:25.018234 2024] [:error] [pid 1240690:tid 1240715] [client 182.183.59.223:49486] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/backgrounds/default_1.jpg"] [unique_id "Zzb2sRFWEN9VqJUDmOxF9gAAABU"], referer: http://droppy.pk/
[Fri Nov 15 08:22:17.129025 2024] [:error] [pid 1242044:tid 1242068] [client 182.183.59.223:49478] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/backgrounds/default_2.jpg"] [unique_id "Zzb2qV2B16OYtZuRIUyWzgAAANY"], referer: http://droppy.pk/
[Fri Nov 15 08:22:17.127896 2024] [:error] [pid 1242044:tid 1242068] [client 182.183.59.223:49478] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/backgrounds/default_2.jpg"] [unique_id "Zzb2qV2B16OYtZuRIUyWzgAAANY"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.966470 2024] [:error] [pid 1240692:tid 1240742] [client 182.183.59.223:49477] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/handler/getjstranslation"] [unique_id "Zzb2o2xzeCbNjj3Zw9xjvAAAAIo"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.965929 2024] [:error] [pid 1240692:tid 1240742] [client 182.183.59.223:49477] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/handler/getjstranslation"] [unique_id "Zzb2o2xzeCbNjj3Zw9xjvAAAAIo"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.790194 2024] [:error] [pid 1240690:tid 1240712] [client 182.183.59.223:49475] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/mecwbjnp.json"] [unique_id "Zzb2oxFWEN9VqJUDmOxF9QAAABI"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.789808 2024] [:error] [pid 1240690:tid 1240712] [client 182.183.59.223:49475] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/themes/modern/mecwbjnp.json"] [unique_id "Zzb2oxFWEN9VqJUDmOxF9QAAABI"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.788819 2024] [:error] [pid 1240691:tid 1240744] [client 182.183.59.223:49476] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/rhvddzym.json"] [unique_id "Zzb2oyJ1bJ7aspqJdiGglQAAAEs"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.788237 2024] [:error] [pid 1240691:tid 1240744] [client 182.183.59.223:49476] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/themes/modern/rhvddzym.json"] [unique_id "Zzb2oyJ1bJ7aspqJdiGglQAAAEs"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.759787 2024] [:error] [pid 1240690:tid 1240711] [client 182.183.59.223:49474] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/lupuorrc.json"] [unique_id "Zzb2oxFWEN9VqJUDmOxF9AAAABE"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.759077 2024] [:error] [pid 1240690:tid 1240711] [client 182.183.59.223:49474] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/themes/modern/lupuorrc.json"] [unique_id "Zzb2oxFWEN9VqJUDmOxF9AAAABE"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.069038 2024] [:error] [pid 1242044:tid 1242064] [client 182.183.59.223:49466] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/css/style.css"] [unique_id "Zzb2o12B16OYtZuRIUyWzQAAANI"], referer: http://droppy.pk/
https://droppy.pk/?SELECT * FROM mysql.users
or
http://droppy.pk/?test=/etc/passwd
and in the logs I get this:
-----------------------------------------------------------------------------
[Fri Nov 15 08:22:54.697941 2024] [:error] [pid 1240692:tid 1240745] [client 182.183.59.223:49493] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/handler/getjstranslation"] [unique_id "Zzb2zmxzeCbNjj3Zw9xjvgAAAIs"], referer: https://droppy.pk/?SELECT%20*%20FROM%20mysql.users
[Fri Nov 15 08:22:54.697362 2024] [:error] [pid 1240692:tid 1240745] [client 182.183.59.223:49493] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/handler/getjstranslation"] [unique_id "Zzb2zmxzeCbNjj3Zw9xjvgAAAIs"], referer: https://droppy.pk/?SELECT%20*%20FROM%20mysql.users
[Fri Nov 15 08:22:54.168467 2024] [:error] [pid 1240692:tid 1240750] [client 182.183.59.223:49493] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/css/style.css"] [unique_id "Zzb2zmxzeCbNjj3Zw9xjvQAAAI0"], referer: https://droppy.pk/?SELECT%20*%20FROM%20mysql.users
[Fri Nov 15 08:22:54.167868 2024] [:error] [pid 1240692:tid 1240750] [client 182.183.59.223:49493] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/themes/modern/css/style.css"] [unique_id "Zzb2zmxzeCbNjj3Zw9xjvQAAAI0"], referer: https://droppy.pk/?SELECT%20*%20FROM%20mysql.users
[Fri Nov 15 08:22:53.797438 2024] [:error] [pid 1242044:tid 1242048] [client 182.183.59.223:49492] [client 182.183.59.223] ModSecurity: Warning. Found 4 byte(s) in ARGS_NAMES:SELECT * FROM mysql.users outside range: 38,44-46,48-58,61,65-90,95,97-122. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1501"] [id "920273"] [msg "Invalid character in request (outside of very strict set)"] [data "ARGS_NAMES:SELECT * FROM mysql.users=SELECT * FROM mysql.users"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "paranoia-level/4"] [hostname "droppy.pk"] [uri "/"] [unique_id "Zzb2zV2B16OYtZuRIUyWzwAAAMI"]
[Fri Nov 15 08:22:53.797161 2024] [:error] [pid 1242044:tid 1242048] [client 182.183.59.223:49492] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/"] [unique_id "Zzb2zV2B16OYtZuRIUyWzwAAAMI"]
[Fri Nov 15 08:22:53.796455 2024] [:error] [pid 1242044:tid 1242048] [client 182.183.59.223:49492] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/"] [unique_id "Zzb2zV2B16OYtZuRIUyWzwAAAMI"]
[Fri Nov 15 08:22:25.022988 2024] [:error] [pid 1240690:tid 1240715] [client 182.183.59.223:49486] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/backgrounds/default_1.jpg"] [unique_id "Zzb2sRFWEN9VqJUDmOxF9gAAABU"], referer: http://droppy.pk/
[Fri Nov 15 08:22:25.018234 2024] [:error] [pid 1240690:tid 1240715] [client 182.183.59.223:49486] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/backgrounds/default_1.jpg"] [unique_id "Zzb2sRFWEN9VqJUDmOxF9gAAABU"], referer: http://droppy.pk/
[Fri Nov 15 08:22:17.129025 2024] [:error] [pid 1242044:tid 1242068] [client 182.183.59.223:49478] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/backgrounds/default_2.jpg"] [unique_id "Zzb2qV2B16OYtZuRIUyWzgAAANY"], referer: http://droppy.pk/
[Fri Nov 15 08:22:17.127896 2024] [:error] [pid 1242044:tid 1242068] [client 182.183.59.223:49478] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/backgrounds/default_2.jpg"] [unique_id "Zzb2qV2B16OYtZuRIUyWzgAAANY"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.966470 2024] [:error] [pid 1240692:tid 1240742] [client 182.183.59.223:49477] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/handler/getjstranslation"] [unique_id "Zzb2o2xzeCbNjj3Zw9xjvAAAAIo"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.965929 2024] [:error] [pid 1240692:tid 1240742] [client 182.183.59.223:49477] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/handler/getjstranslation"] [unique_id "Zzb2o2xzeCbNjj3Zw9xjvAAAAIo"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.790194 2024] [:error] [pid 1240690:tid 1240712] [client 182.183.59.223:49475] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/mecwbjnp.json"] [unique_id "Zzb2oxFWEN9VqJUDmOxF9QAAABI"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.789808 2024] [:error] [pid 1240690:tid 1240712] [client 182.183.59.223:49475] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/themes/modern/mecwbjnp.json"] [unique_id "Zzb2oxFWEN9VqJUDmOxF9QAAABI"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.788819 2024] [:error] [pid 1240691:tid 1240744] [client 182.183.59.223:49476] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/rhvddzym.json"] [unique_id "Zzb2oyJ1bJ7aspqJdiGglQAAAEs"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.788237 2024] [:error] [pid 1240691:tid 1240744] [client 182.183.59.223:49476] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/themes/modern/rhvddzym.json"] [unique_id "Zzb2oyJ1bJ7aspqJdiGglQAAAEs"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.759787 2024] [:error] [pid 1240690:tid 1240711] [client 182.183.59.223:49474] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/lupuorrc.json"] [unique_id "Zzb2oxFWEN9VqJUDmOxF9AAAABE"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.759077 2024] [:error] [pid 1240690:tid 1240711] [client 182.183.59.223:49474] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/themes/modern/lupuorrc.json"] [unique_id "Zzb2oxFWEN9VqJUDmOxF9AAAABE"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.069038 2024] [:error] [pid 1242044:tid 1242064] [client 182.183.59.223:49466] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/css/style.css"] [unique_id "Zzb2o12B16OYtZuRIUyWzQAAANI"], referer: http://droppy.pk/
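A triage sketch for error-log output like the dump above, added here as an example and not part of the original post. It groups ModSecurity entries by `unique_id`, separates rules that match on every request from request-specific ones, and lists the transactions that were denied (`Access denied`) rather than only logged (`Warning.`). The sample lines are constructed (host, client and `unique_id` values are placeholders; the rule ids and messages are the ones in the post), and the function names are this example's own.

```python
import re
from collections import defaultdict

# Constructed sample in the Apache error-log format shown above.
SAMPLE_LOG = r'''
[Fri Nov 15 08:22:53.796455 2024] [:error] [pid 10:tid 11] [client 192.0.2.10:49492] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [tag "paranoia-level/1"] [uri "/"] [unique_id "TX-A"]
[Fri Nov 15 08:22:53.797161 2024] [:error] [pid 10:tid 11] [client 192.0.2.10:49492] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [tag "paranoia-level/1"] [uri "/"] [unique_id "TX-A"]
[Fri Nov 15 08:22:53.797438 2024] [:error] [pid 10:tid 11] [client 192.0.2.10:49492] ModSecurity: Warning. Found 4 byte(s) in ARGS_NAMES:SELECT * FROM mysql.users outside range: 38,44-46,48-58,61,65-90,95,97-122. [file "/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [id "920273"] [msg "Invalid character in request (outside of very strict set)"] [tag "paranoia-level/4"] [uri "/"] [unique_id "TX-A"]
[Fri Nov 15 08:22:54.167868 2024] [:error] [pid 10:tid 12] [client 192.0.2.10:49493] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [tag "paranoia-level/1"] [uri "/assets/css/style.css"] [unique_id "TX-B"]
[Fri Nov 15 08:22:54.168467 2024] [:error] [pid 10:tid 12] [client 192.0.2.10:49493] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [tag "paranoia-level/1"] [uri "/assets/css/style.css"] [unique_id "TX-B"]
[Fri Nov 15 08:22:55.018234 2024] [:error] [pid 10:tid 13] [client 192.0.2.10:49494] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [tag "paranoia-level/1"] [uri "/assets/default_1.jpg"] [unique_id "TX-C"]
[Fri Nov 15 08:22:55.022988 2024] [:error] [pid 10:tid 13] [client 192.0.2.10:49494] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [tag "paranoia-level/1"] [uri "/assets/default_1.jpg"] [unique_id "TX-C"]
'''

# [key "value"] pairs; the value may contain backslash-escaped quotes.
FIELD_RE = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')
# "Warning." = rule matched but the request went through; "Access denied" = blocked.
ACTION_RE = re.compile(r'ModSecurity: (Warning|Access denied)')


def parse_line(line):
    """Return one ModSecurity event as a dict, or None for unrelated lines."""
    action = ACTION_RE.search(line)
    if not action:
        return None
    event = {"action": action.group(1), "tags": []}
    for key, value in FIELD_RE.findall(line):
        if key == "tag":
            event["tags"].append(value)   # tags repeat, keep them all
        else:
            event[key] = value
    return event if "id" in event and "unique_id" in event else None


def group_by_transaction(log_text):
    """Map unique_id -> list of events logged for that request."""
    txs = defaultdict(list)
    for line in log_text.splitlines():
        event = parse_line(line)
        if event:
            txs[event["unique_id"]].append(event)
    return dict(txs)


def paranoia_tag(event):
    return next((t for t in event["tags"] if t.startswith("paranoia-level/")), None)


def summarize(txs):
    """Split rule hits into 'fires on every request' and request-specific ones."""
    per_tx = {uid: {e["id"] for e in evs} for uid, evs in txs.items()}
    # A rule seen in every transaction, static assets included, says nothing
    # about a single request (with only one transaction, every rule lands here).
    always = set.intersection(*per_tx.values()) if per_tx else set()
    blocked = sorted(uid for uid, evs in txs.items()
                     if any(e["action"] == "Access denied" for e in evs))
    specific = {}
    for uid, evs in txs.items():
        extra = sorted({(e["id"], paranoia_tag(e)) for e in evs if e["id"] not in always})
        if extra:
            specific[uid] = extra
    return {"fires_on_every_request": sorted(always),
            "blocked": blocked,
            "request_specific": specific}


if __name__ == "__main__":
    print(summarize(group_by_transaction(SAMPLE_LOG)))
```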
8
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: November 15, 2024, 07:18:43 AM »
Comodo was bought out by another company.
You can try and register for an account and download the last ruleset 1.241 from https://waf.comodo.com
Let me know if it works. As I haven't been able to login for a couple months now.
But not sure if @overseer has been able to or not.
If not, you can visit one of our US mirrors at: https://m3.stl.us.ssimn.org/Comodo-Rules/
The latest ruleset I know of is 1.241, unzip that to your local computer, and upload the files from Rules to your server at /usr/local/apache/modsecurity-cwaf/rules
Easiest way is using the SFTP built into Bitvise after you have logged in via SSH.
@Starburst if you have the Comodo WAF 1.241 rules, can you please make a zip file and share it with me, as I can't find it anywhere on the net to download.
9
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: November 15, 2024, 06:42:56 AM »
@overseer, are you able to login to https://waf.comodo.com, I'm still getting the same error I've been getting for months now.
I've tried contacting them via their email address & forums without success.
I am also not able to log in to my Comodo account at https://waf.comodo.com
Also, the URL below doesn't work:
https://m3.stl.us.ssimn.org/Comodo-Rules/
10
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: November 14, 2024, 01:05:44 PM »
@ CWP Development Team
Kindly do it for all, as it's hardly a few minutes' job for you guys and it will help all CWP users.
11
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: November 14, 2024, 01:02:24 PM »
It looks like when Comodo was bought out the WAF rules got dropped.
The last ruleset version that came out on 2024-01-21 fixed the WordPress bug, which was 1.241 that you can manually update.
Can you please help and tell me how to update the Comodo WAF rules to the latest version manually? I am new to this.
12
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: November 13, 2024, 01:38:32 PM »
Can you please tell me how to update the Comodo WAF rules manually? I am new.
13
Suggestions / :):):) Comodo WAF rules update required :):):)
« on: November 12, 2024, 01:18:25 PM »
hello,
Kindly update the Comodo WAF rules for Mod Security in CWP, as the new version of the WAF rules has many fixes for known issues. The update has been pending for a long time.
Regards,
Zee
14
Mod_Security / Re: MOD SECURITY issue on new CWP PRO INSTALLATION
« on: September 13, 2024, 07:28:57 PM »
Thanks a lot guys, it worked after adding the following line:
LoadFile /usr/lib64/liblua-5.4.so
But now Mod Security is giving forbidden access to all the website's pages.
The main page opens, but when I click on any other link on the website it triggers a Mod Security rule. I am using the Comodo WAF rules. How do I fix the forbidden access issue now?
Any suggestions?
15
Mod_Security / MOD SECURITY issue on new CWP PRO INSTALLATION
« on: September 08, 2024, 05:49:43 PM »
hello,
I have recently installed CWP Pro on a new AlmaLinux 9. Everything is working fine, but when I install Mod Security all the websites go down and give the error below. When I uninstall Mod Security, all sites start working fine. What could be wrong, and how do I fix it? Any suggestions, please.
Unable to connect
An error occurred during a connection to 38.242.244.140.
The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your computer’s network connection.
If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the web.