Saturday, April 27, 2013

mod_security blocking IPs and causing sites to go offline

Automatic blocks by mod_security can cause site admins to lose access to their sites completely:
Error 7 (net::ERR_TIMED_OUT): The operation timed out.


If you get this error on your site, it is most probably mod_security banning your IP on your server, maybe due to hosting companies using older versions of the mod_security software?


Access denied with code 406 (phase 2). Pattern match "(?:\\b(?:(?:type\\b\\W*?\\b(?:text\\b\\W*?\\b(?:j(?:ava)?|ecma|vb)|application\\b\\W*?\\bx-(?:java|vb))script|c(?:opyparentfolder|reatetextrange)|get(?:special|parent)folder|iframe\\b.{0,100}?\\bsrc)\\b|on(?:(?:mo(?:use(?:o(?:ver|ut)|down|move|up)|ve)| ..." at REQUEST_FILENAME. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "117"] [id "1234123404"] [msg "Cross-site Scripting (XSS) Attack"] [data ".cookie"] [severity "CRITICAL"] [tag "WEB_ATTACK/XSS"]




ModSecurity @ModSecurity 9h
You should upgrade ModSecurity to latest 2.7.3 w/restricted htaccess support


------------------------------------------
However, the fastest way around mod_security issues is to bypass mod_security entirely. Add the line 'SecFilterEngine off' to the .htaccess file in the root of your site. That should turn off mod_security and at least let you verify whether it is causing the real problem. SecFilterEngine is the ModSecurity 1.x name of this directive; in ModSecurity 2.x it is SecRuleEngine.
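
To confirm which rule is responsible before switching the whole engine off, the denial message can be parsed for its rule id, file and matched variable. This is an added example, not code from the original post or from the ModSecurity project; the function names are hypothetical and the sample line is the message quoted above with its pattern shortened. SecRuleRemoveById is a ModSecurity 2.x directive; where it may be placed depends on the server's version and build.

```python
import re

# Constructed sample: the denial message quoted in this post, pattern shortened.
SAMPLE = (r'Access denied with code 406 (phase 2). Pattern match "(?:\\b(?:type ..." '
          r'at REQUEST_FILENAME. [file "/usr/local/apache/conf/modsec2.user.conf"] '
          r'[line "117"] [id "1234123404"] [msg "Cross-site Scripting (XSS) Attack"] '
          r'[data ".cookie"] [severity "CRITICAL"] [tag "WEB_ATTACK/XSS"]')

ACTION_RE = re.compile(r'Access denied with code (\d{3}) \(phase (\d)\)')
# The matched variable follows the closing quote of the pattern: `" at NAME.`
TARGET_RE = re.compile(r'" at ([A-Z_]+(?::[^\s.]+)?)\.')
# Metadata is a run of [key "value"] pairs; values may contain escaped quotes.
META_RE = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')

def parse_denial(line):
    """Return the fields of a ModSecurity 2.x 'Access denied' message, or None."""
    action = ACTION_RE.search(line)
    if not action:
        return None
    target = TARGET_RE.search(line)
    meta = {}
    for key, value in META_RE.findall(line):
        meta.setdefault(key, []).append(value)  # keys such as "tag" can repeat
    return {
        "status": int(action.group(1)),
        "phase": int(action.group(2)),
        "target": target.group(1) if target else None,
        "meta": meta,
    }

def summarize(lines):
    """Count denials per rule id so the rule behind a block stands out."""
    counts = {}
    for line in lines:
        hit = parse_denial(line)
        if hit and "id" in hit["meta"]:
            rule_id = hit["meta"]["id"][0]
            counts[rule_id] = counts.get(rule_id, 0) + 1
    return counts

def exclusion_for(hit):
    """Directive that disables only the rule that fired, not the whole engine."""
    return "SecRuleRemoveById " + hit["meta"]["id"][0]

if __name__ == "__main__":
    hit = parse_denial(SAMPLE)
    print(hit["status"], hit["phase"], hit["target"], hit["meta"]["file"][0])
    print(exclusion_for(hit))
```

Feeding the server's error log lines to summarize() shows whether one rule accounts for the blocks, which is the information a hosting company needs to adjust or remove that rule.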



https://www.modsecurity.org/tracker/browse/MODSEC-58


https://twitter.com/ModSecurity


http://www.modsecurity.org/documentation/support-request-checklist.html


From: Breno Silva gmail.com>
Date: Friday, March 29, 2013 12:55 PM
To: "mod-security-users lists.sourceforge.net" lists.sourceforge.net>, mod-security-developers lists.sourceforge.net>, lists.sourceforge.net>
Subject: [mod-security-users] Availability of ModSecurity 2.7.3 Stable Release

The ModSecurity Development Team is pleased to announce the availability of ModSecurity 2.7.3 Stable Release. The stability of this release is good and includes many bug fixes.

Many issues and missing features for NGINX module were fixed. NGINX module version is now RC. We have fixed some minor issues for IIS.

We also added some important new features, the ability to load some specific directives into .htaccess files and the SecXmlExternalEntity security feature that will disable by default the possibility to load xml external entities. We recommend all users use this version.

Please see the release notes included into CHANGES file. For known problems and more information about bug fixes, please see the online ModSecurity Jira. Please report any bug to mod-security-developers lists.sourceforge.net.

Thanks

Breno Silva






