Recent Posts
71
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« Last post by zeejdeej on November 15, 2024, 09:49:04 AM »i just updated the rules to 1.241 version but same issue all wordpress sites are being blocked . only first page is opened and if i click on any other link on wordpress website its blocked by comodo waf rule
72
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« Last post by zeejdeej on November 15, 2024, 09:35:19 AM »I'm guessing your country code is PK?
That's probably why you can't connect.
Try the link now.
yes its working now and thanks a lot for your help.
so should i just unzip all files to /usr/local/apache/modsecurity-cwaf/rules location on my server thats it ? it will update and install new rules automatically?or do i have to remove old rule files from this location first
73
Installation / Re: PDO_dblib
« Last post by Dennis54 on November 15, 2024, 09:23:43 AM »Thank you for sharing this information...
74
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« Last post by Starburst on November 15, 2024, 08:05:49 AM »I'm guessing your country code is PK?
That's probably why you can't connect.
Try the link now.
That's probably why you can't connect.
Try the link now.
75
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« Last post by zeejdeej on November 15, 2024, 07:24:19 AM »i switched to OWASP latest waf but that doesnt seem to be triggering rules as i tried the follow but instead of blocking it open website normally.
https://droppy.pk/?SELECT * FROM mysql.users
or
http://droppy.pk/?test=/etc/passwd
and in logs i get this :
-----------------------------------------------------------------------------
[Fri Nov 15 08:22:54.697941 2024] [:error] [pid 1240692:tid 1240745] [client 182.183.59.223:49493] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/handler/getjstranslation"] [unique_id "Zzb2zmxzeCbNjj3Zw9xjvgAAAIs"], referer: https://droppy.pk/?SELECT%20*%20FROM%20mysql.users
[Fri Nov 15 08:22:54.697362 2024] [:error] [pid 1240692:tid 1240745] [client 182.183.59.223:49493] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/handler/getjstranslation"] [unique_id "Zzb2zmxzeCbNjj3Zw9xjvgAAAIs"], referer: https://droppy.pk/?SELECT%20*%20FROM%20mysql.users
[Fri Nov 15 08:22:54.168467 2024] [:error] [pid 1240692:tid 1240750] [client 182.183.59.223:49493] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/css/style.css"] [unique_id "Zzb2zmxzeCbNjj3Zw9xjvQAAAI0"], referer: https://droppy.pk/?SELECT%20*%20FROM%20mysql.users
[Fri Nov 15 08:22:54.167868 2024] [:error] [pid 1240692:tid 1240750] [client 182.183.59.223:49493] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/themes/modern/css/style.css"] [unique_id "Zzb2zmxzeCbNjj3Zw9xjvQAAAI0"], referer: https://droppy.pk/?SELECT%20*%20FROM%20mysql.users
[Fri Nov 15 08:22:53.797438 2024] [:error] [pid 1242044:tid 1242048] [client 182.183.59.223:49492] [client 182.183.59.223] ModSecurity: Warning. Found 4 byte(s) in ARGS_NAMES:SELECT * FROM mysql.users outside range: 38,44-46,48-58,61,65-90,95,97-122. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1501"] [id "920273"] [msg "Invalid character in request (outside of very strict set)"] [data "ARGS_NAMES:SELECT * FROM mysql.users=SELECT * FROM mysql.users"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "paranoia-level/4"] [hostname "droppy.pk"] [uri "/"] [unique_id "Zzb2zV2B16OYtZuRIUyWzwAAAMI"]
[Fri Nov 15 08:22:53.797161 2024] [:error] [pid 1242044:tid 1242048] [client 182.183.59.223:49492] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/"] [unique_id "Zzb2zV2B16OYtZuRIUyWzwAAAMI"]
[Fri Nov 15 08:22:53.796455 2024] [:error] [pid 1242044:tid 1242048] [client 182.183.59.223:49492] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/"] [unique_id "Zzb2zV2B16OYtZuRIUyWzwAAAMI"]
[Fri Nov 15 08:22:25.022988 2024] [:error] [pid 1240690:tid 1240715] [client 182.183.59.223:49486] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/backgrounds/default_1.jpg"] [unique_id "Zzb2sRFWEN9VqJUDmOxF9gAAABU"], referer: http://droppy.pk/
[Fri Nov 15 08:22:25.018234 2024] [:error] [pid 1240690:tid 1240715] [client 182.183.59.223:49486] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/backgrounds/default_1.jpg"] [unique_id "Zzb2sRFWEN9VqJUDmOxF9gAAABU"], referer: http://droppy.pk/
[Fri Nov 15 08:22:17.129025 2024] [:error] [pid 1242044:tid 1242068] [client 182.183.59.223:49478] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/backgrounds/default_2.jpg"] [unique_id "Zzb2qV2B16OYtZuRIUyWzgAAANY"], referer: http://droppy.pk/
[Fri Nov 15 08:22:17.127896 2024] [:error] [pid 1242044:tid 1242068] [client 182.183.59.223:49478] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/backgrounds/default_2.jpg"] [unique_id "Zzb2qV2B16OYtZuRIUyWzgAAANY"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.966470 2024] [:error] [pid 1240692:tid 1240742] [client 182.183.59.223:49477] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/handler/getjstranslation"] [unique_id "Zzb2o2xzeCbNjj3Zw9xjvAAAAIo"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.965929 2024] [:error] [pid 1240692:tid 1240742] [client 182.183.59.223:49477] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/handler/getjstranslation"] [unique_id "Zzb2o2xzeCbNjj3Zw9xjvAAAAIo"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.790194 2024] [:error] [pid 1240690:tid 1240712] [client 182.183.59.223:49475] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/mecwbjnp.json"] [unique_id "Zzb2oxFWEN9VqJUDmOxF9QAAABI"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.789808 2024] [:error] [pid 1240690:tid 1240712] [client 182.183.59.223:49475] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/themes/modern/mecwbjnp.json"] [unique_id "Zzb2oxFWEN9VqJUDmOxF9QAAABI"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.788819 2024] [:error] [pid 1240691:tid 1240744] [client 182.183.59.223:49476] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/rhvddzym.json"] [unique_id "Zzb2oyJ1bJ7aspqJdiGglQAAAEs"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.788237 2024] [:error] [pid 1240691:tid 1240744] [client 182.183.59.223:49476] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/themes/modern/rhvddzym.json"] [unique_id "Zzb2oyJ1bJ7aspqJdiGglQAAAEs"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.759787 2024] [:error] [pid 1240690:tid 1240711] [client 182.183.59.223:49474] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/lupuorrc.json"] [unique_id "Zzb2oxFWEN9VqJUDmOxF9AAAABE"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.759077 2024] [:error] [pid 1240690:tid 1240711] [client 182.183.59.223:49474] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/themes/modern/lupuorrc.json"] [unique_id "Zzb2oxFWEN9VqJUDmOxF9AAAABE"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.069038 2024] [:error] [pid 1242044:tid 1242064] [client 182.183.59.223:49466] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/css/style.css"] [unique_id "Zzb2o12B16OYtZuRIUyWzQAAANI"], referer: http://droppy.pk/
https://droppy.pk/?SELECT * FROM mysql.users
or
http://droppy.pk/?test=/etc/passwd
and in logs i get this :
-----------------------------------------------------------------------------
[Fri Nov 15 08:22:54.697941 2024] [:error] [pid 1240692:tid 1240745] [client 182.183.59.223:49493] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/handler/getjstranslation"] [unique_id "Zzb2zmxzeCbNjj3Zw9xjvgAAAIs"], referer: https://droppy.pk/?SELECT%20*%20FROM%20mysql.users
[Fri Nov 15 08:22:54.697362 2024] [:error] [pid 1240692:tid 1240745] [client 182.183.59.223:49493] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/handler/getjstranslation"] [unique_id "Zzb2zmxzeCbNjj3Zw9xjvgAAAIs"], referer: https://droppy.pk/?SELECT%20*%20FROM%20mysql.users
[Fri Nov 15 08:22:54.168467 2024] [:error] [pid 1240692:tid 1240750] [client 182.183.59.223:49493] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/css/style.css"] [unique_id "Zzb2zmxzeCbNjj3Zw9xjvQAAAI0"], referer: https://droppy.pk/?SELECT%20*%20FROM%20mysql.users
[Fri Nov 15 08:22:54.167868 2024] [:error] [pid 1240692:tid 1240750] [client 182.183.59.223:49493] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/themes/modern/css/style.css"] [unique_id "Zzb2zmxzeCbNjj3Zw9xjvQAAAI0"], referer: https://droppy.pk/?SELECT%20*%20FROM%20mysql.users
[Fri Nov 15 08:22:53.797438 2024] [:error] [pid 1242044:tid 1242048] [client 182.183.59.223:49492] [client 182.183.59.223] ModSecurity: Warning. Found 4 byte(s) in ARGS_NAMES:SELECT * FROM mysql.users outside range: 38,44-46,48-58,61,65-90,95,97-122. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1501"] [id "920273"] [msg "Invalid character in request (outside of very strict set)"] [data "ARGS_NAMES:SELECT * FROM mysql.users=SELECT * FROM mysql.users"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "paranoia-level/4"] [hostname "droppy.pk"] [uri "/"] [unique_id "Zzb2zV2B16OYtZuRIUyWzwAAAMI"]
[Fri Nov 15 08:22:53.797161 2024] [:error] [pid 1242044:tid 1242048] [client 182.183.59.223:49492] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/"] [unique_id "Zzb2zV2B16OYtZuRIUyWzwAAAMI"]
[Fri Nov 15 08:22:53.796455 2024] [:error] [pid 1242044:tid 1242048] [client 182.183.59.223:49492] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/"] [unique_id "Zzb2zV2B16OYtZuRIUyWzwAAAMI"]
[Fri Nov 15 08:22:25.022988 2024] [:error] [pid 1240690:tid 1240715] [client 182.183.59.223:49486] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/backgrounds/default_1.jpg"] [unique_id "Zzb2sRFWEN9VqJUDmOxF9gAAABU"], referer: http://droppy.pk/
[Fri Nov 15 08:22:25.018234 2024] [:error] [pid 1240690:tid 1240715] [client 182.183.59.223:49486] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/backgrounds/default_1.jpg"] [unique_id "Zzb2sRFWEN9VqJUDmOxF9gAAABU"], referer: http://droppy.pk/
[Fri Nov 15 08:22:17.129025 2024] [:error] [pid 1242044:tid 1242068] [client 182.183.59.223:49478] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/backgrounds/default_2.jpg"] [unique_id "Zzb2qV2B16OYtZuRIUyWzgAAANY"], referer: http://droppy.pk/
[Fri Nov 15 08:22:17.127896 2024] [:error] [pid 1242044:tid 1242068] [client 182.183.59.223:49478] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/backgrounds/default_2.jpg"] [unique_id "Zzb2qV2B16OYtZuRIUyWzgAAANY"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.966470 2024] [:error] [pid 1240692:tid 1240742] [client 182.183.59.223:49477] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/handler/getjstranslation"] [unique_id "Zzb2o2xzeCbNjj3Zw9xjvAAAAIo"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.965929 2024] [:error] [pid 1240692:tid 1240742] [client 182.183.59.223:49477] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/handler/getjstranslation"] [unique_id "Zzb2o2xzeCbNjj3Zw9xjvAAAAIo"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.790194 2024] [:error] [pid 1240690:tid 1240712] [client 182.183.59.223:49475] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/mecwbjnp.json"] [unique_id "Zzb2oxFWEN9VqJUDmOxF9QAAABI"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.789808 2024] [:error] [pid 1240690:tid 1240712] [client 182.183.59.223:49475] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/themes/modern/mecwbjnp.json"] [unique_id "Zzb2oxFWEN9VqJUDmOxF9QAAABI"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.788819 2024] [:error] [pid 1240691:tid 1240744] [client 182.183.59.223:49476] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/rhvddzym.json"] [unique_id "Zzb2oyJ1bJ7aspqJdiGglQAAAEs"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.788237 2024] [:error] [pid 1240691:tid 1240744] [client 182.183.59.223:49476] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/themes/modern/rhvddzym.json"] [unique_id "Zzb2oyJ1bJ7aspqJdiGglQAAAEs"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.759787 2024] [:error] [pid 1240690:tid 1240711] [client 182.183.59.223:49474] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/lupuorrc.json"] [unique_id "Zzb2oxFWEN9VqJUDmOxF9AAAABE"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.759077 2024] [:error] [pid 1240690:tid 1240711] [client 182.183.59.223:49474] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1010"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "droppy.pk"] [uri "/assets/themes/modern/lupuorrc.json"] [unique_id "Zzb2oxFWEN9VqJUDmOxF9AAAABE"], referer: http://droppy.pk/
[Fri Nov 15 08:22:11.069038 2024] [:error] [pid 1242044:tid 1242064] [client 182.183.59.223:49466] [client 182.183.59.223] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "43"] [id "911100"] [msg "Method is not allowed by policy"] [data "GET"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/274"] [tag "PCI/12.1"] [hostname "droppy.pk"] [uri "/assets/themes/modern/css/style.css"] [unique_id "Zzb2o12B16OYtZuRIUyWzQAAANI"], referer: http://droppy.pk/
76
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« Last post by zeejdeej on November 15, 2024, 07:18:43 AM »Comodo was bought out by another company.
You can try and register for an account and download the last ruleset 1.241 from https://waf.comodo.com
Let me know if it works. As I haven't been able to login for a couple months now.
But not sure is @overseer has been able to or not.
If not, you can visit one of our US mirrors at: https://m3.stl.us.ssimn.org/Comodo-Rules/
The latest ruleset I know of is 1.241, unzip that to your local computer, and upload the files from Rules to your server at /usr/local/apache/modsecurity-cwaf/rules
Easiest way is using the SFTP built into Bitvise after you have logged in via SSH.
@Starburst if you have comodo waf 1.241 rules can you plz make a zip file and share with me as i cant find it anywhere on net to download from
77
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« Last post by zeejdeej on November 15, 2024, 06:42:56 AM »@overseer, are you able to login to https://waf.comodo.com, I'm still getting the same error I've been getting for months now.
I've tried contacting them via their email address & forums without success.
i am also not able to login to my comodo account at https://waf.comodo.com
also the below url doesnt work
https://m3.stl.us.ssimn.org/Comodo-Rules/
78
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« Last post by Starburst on November 15, 2024, 03:17:02 AM »@overseer, are you able to login to https://waf.comodo.com, I'm still getting the same error I've been getting for months now.
I've tried contacting them via their email address & forums without success.
I've tried contacting them via their email address & forums without success.
79
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« Last post by overseer on November 15, 2024, 02:56:12 AM »1.241 is the latest version, per their Apache yaml file:
https://waf.comodo.com/doc/meta_comodo_apache.yaml
Their documentation literature speaks of "occasional" and "periodic" updates, so I guess early 2024 qualifies...
And note that it is still Comodo -- they have just rebranded to Xcitium after their new flagship endpoint production product (read: $$$$).
https://www.nasdaq.com/press-release/comodo-security-solutions-rebrands-to-xcitium-2022-07-07
(This after a failed rebrand to Sectigo earlier...)
https://waf.comodo.com/doc/meta_comodo_apache.yaml
Their documentation literature speaks of "occasional" and "periodic" updates, so I guess early 2024 qualifies...
And note that it is still Comodo -- they have just rebranded to Xcitium after their new flagship endpoint production product (read: $$$$).
https://www.nasdaq.com/press-release/comodo-security-solutions-rebrands-to-xcitium-2022-07-07
(This after a failed rebrand to Sectigo earlier...)
80
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« Last post by Starburst on November 15, 2024, 01:06:25 AM »Comodo was bought out by another company.
You can try and register for an account and download the last ruleset 1.241 from https://waf.comodo.com
Let me know if it works. As I haven't been able to login for a couple months now.
But not sure is @overseer has been able to or not.
If not, you can visit one of our US mirrors at: https://m3.stl.us.ssimn.org/Comodo-Rules/
The latest ruleset I know of is 1.241, unzip that to your local computer, and upload the files from Rules to your server at /usr/local/apache/modsecurity-cwaf/rules
Easiest way is using the SFTP built into Bitvise after you have logged in via SSH.
You can try and register for an account and download the last ruleset 1.241 from https://waf.comodo.com
Let me know if it works. As I haven't been able to login for a couple months now.
But not sure is @overseer has been able to or not.
If not, you can visit one of our US mirrors at: https://m3.stl.us.ssimn.org/Comodo-Rules/
The latest ruleset I know of is 1.241, unzip that to your local computer, and upload the files from Rules to your server at /usr/local/apache/modsecurity-cwaf/rules
Easiest way is using the SFTP built into Bitvise after you have logged in via SSH.
