AbanteCart Community

Shopping Cart Operations => Support => Topic started by: david.livshin on February 04, 2019, 06:16:37 AM

Title: unable to edit my products
Post by: david.livshin on February 04, 2019, 06:16:37 AM
Hi,

After changing the admin password I wasn't able to log in. Fixing this problem and somehow getting in, I am receiving:

403
Forbidden

Access to this resource on the server is denied!


and then, again, I am unable to log in with the same message as above (but now at the admin login).
When trying to get to my site (not a WebShop) I am getting the message:

The firewall on this server is blocking your connection.

which I can somehow disable (using ReCAPTCHA).

How can I get back to being able to edit my WebShop?

Thank you,

David


Title: Re: unable to edit my products
Post by: Basara on February 05, 2019, 06:40:53 AM
The firewall on this server is blocking your connection.
Hello. Check with your hosting support or look for firewall settings in your hosting cPanel.

Title: Re: unable to edit my products
Post by: david.livshin on February 05, 2019, 06:48:32 AM
Actually, I already did, and that is what they wrote me:

==============================
We've found out that the ModSecurity rule "211540" triggered on "WebShop/index.php?rt=catalog/download&s=admin123&token=nVh5dB1bBaQJyspZwWYq6KwdtxBfmI89" request - "SQL Injection Attack"

[Mon Feb  4 09:18:04 2019] [error] [client 5.102.238.211] ModSecurity: Access denied with code 403, [Rule: 'ARGS|ARGS_NAMES|REQUEST_COOKIES|REQUEST_COOKIES_NAMES|XML:/*|!ARGS:/body/|!ARGS:/content/|!ARGS:customized|!ARGS_NAMES:dynamic_object[object_type]|!ARGS:desc|!ARGS:/description/|!ARGS:/message/|!ARGS_NAMES:object_id|!ARGS_POST:object_id|!ARGS:/password/|!ARGS_NAMES:/password/|!ARGS_NAMES:/product_main_image_data\[\d+]\[object_id]/|!ARGS:Post|!ARGS:text|!REQUEST_COOKIES:/__utm/|!REQUEST_COOKIES:/_pk_ref/|!ARGS:sql_query|!ARGS_NAMES:column_name' '(?i:\b(?:t(?:able_name\b|extpos[^a-zA-Z0-9_]{1,}\()|(?:a(?:ll_objects|tt(?:rel|typ)id)|column_(?:id|name)|mb_users|object_(?:id|(?:nam|typ)e)|pg_(?:attribute|class)|rownum|s(?:ubstr(?:ing){0,1}|ys(?:c(?:at|o(?:lumn|nstraint)s)|dba|ibm|(?:filegroup|object|(?:process|tabl)e)s))|user_(?:group|password|(?:ind_column|tab(?:_column|le)|user|(?:constrain|objec)t)s)|xtype[^a-zA-Z0-9_]{1,}\bchar)\b)|(?:\b(?:(?:instr|locate)[^a-zA-Z0-9_]{1,}\(|(?:attnotnull|c(?:harindex|onstraint_type)|m(?:sys(?:column|object|relationship|(?:ac|queri)e)s|ysql\.(db|user))|s(?:elect\b.{0,40}\b(?:ascii|substring|users{0,1})|ys\.(?:all_tables|tab|user_(?:c(?:atalog|onstraints)|(?:object|t(?:ab(?:_column|le)|rigger)|view)s)))|waitfor\b[^a-zA-Z0-9_]{0,}?\bdelay)\b)|@@spid\b))'] [id "211540"] [rev "12"] [msg "COMODO WAF: Blind SQL Injection Attack"] [logdata "Matched Data: rowNum found within {"table_id":"download_grid","sortname":"name","sortorder":"desc","selrow":null,"page":1,"rowNum":20,"postData":{"_search":false,"nd":1549293437529,"rows":20,"page":1,"sidx":"name","sord":"desc"},"search":false}: {"table_id":"download_grid","sortname":"name","sortorder":"desc","selrow":null,"page":1,"rowNum":20,"postData":{"_search":false,"nd":1549293437529,"rows":20,"page":1,"sidx":"name","sord":"desc"},"search":false}"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"]
==============================

What is that? A bug?
Why did it happen? What shall be done to prevent it from happening again?

Thank you,

David

Title: Re: unable to edit my products
Post by: Basara on February 05, 2019, 07:14:14 AM
Hi. It is not a bug. It is an incorrect configuration of the ModSecurity module installed on your server. You need to configure it correctly (ask hosting support to whitelist some URLs or module rules) or disable it.
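A scoped version of the whitelisting Basara describes, added here as an example that is not from the thread, AbanteCart or Comodo: it keeps ModSecurity enabled and drops rule 211540 only for this store's admin catalog route, instead of disabling the module. It assumes Apache with ModSecurity 2.x, the /WebShop/index.php path and rt=catalog/download route taken from the log above, and a placeholder rule id 1000001 from the user range.

```apache
# Added example (not AbanteCart or Comodo config): a targeted ModSecurity 2.x
# exclusion for the false positive in the thread. The Comodo rule 211540 matched
# the word "rowNum" inside the admin grid's JSON state, which is legitimate data.
#
# Assumptions:
#   - Apache + ModSecurity 2.x (security2_module), rules loaded before this file
#   - the shop lives under /WebShop/ (path from the logged request)
#   - id 1000001 is a placeholder; pick any unused id in your server's range
<IfModule security2_module>
    # phase:1 runs before the phase:2 SQLi rule, so the ctl action is applied
    # in time. Both conditions must hold (chain): the script path AND the
    # AbanteCart "rt" route from the blocked request. Query-string arguments
    # such as rt= are already available in phase 1.
    SecRule REQUEST_FILENAME "@streq /WebShop/index.php" \
        "id:1000001,phase:1,pass,nolog,t:none,chain"
        SecRule ARGS:rt "@beginsWith catalog/" \
            "t:none,ctl:ruleRemoveById=211540"
</IfModule>
```

After reloading Apache, repeat the admin action and confirm no new `[id "211540"]` entry appears for it in the ModSecurity error log; if a different id is logged, handle that rule the same way rather than widening this exclusion to the whole site.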