it was driving me loopy - i thought i was going to lose all my hard work when i had nearly finished the site - i just hope it saves other people time
- Welcome to AbanteCart Community.
AbanteCart forum
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
Support / Re: Admin Backend Site now showing error Forbidden on all media.
August 14, 2014, 01:43:27 PM #2
Support / Re: Admin Backend Site now showing error Forbidden on all media.
August 14, 2014, 07:41:54 AM
i have had the same problem recently and contact host company and here is the outcome
While checking the server logs, I find that the domain has trigerred mod-security rules:
==============================
[Wed Aug 13 22:36:01.825014 2014] [:error] [pid 13483] [client 217.147.80.30] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:t(?:able_name\\\\b|extpos[^a-zA-Z0-9_]{1,}\\\\()|(?:a(?:ll_objects|tt(?:rel|typ)id)|column_(?:id|name)|mb_users|object_(?:id|(?:nam|typ)e)|pg_(?:attribute|class)|rownum|s(?:ubstr(?:ing){0,1}|ys(?:c(?:at|o(?:lumn|nstraint)s)|dba|ibm|(?:filegroup|o ..." at ARGS_NAMES:object_name. [file "/var/cpanel/cwaf/rules/cwaf_02.conf"] [line "289"] [id "211540"] [msg "COMODO WAF: Blind SQL Injection Attack"] [data "Matched Data: object_name found within ARGS_NAMES:object_name: object_name"] [severity "CRITICAL"] [hostname "website domain here"] [uri "/shop/index.php"] [unique_id "U@vaQdmTUB4AADSrpOoAAAAC"]
=============================
I have disabled mod-securty for your domain now.
i hope this helps anyone which the same problem
While checking the server logs, I find that the domain has trigerred mod-security rules:
==============================
[Wed Aug 13 22:36:01.825014 2014] [:error] [pid 13483] [client 217.147.80.30] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:t(?:able_name\\\\b|extpos[^a-zA-Z0-9_]{1,}\\\\()|(?:a(?:ll_objects|tt(?:rel|typ)id)|column_(?:id|name)|mb_users|object_(?:id|(?:nam|typ)e)|pg_(?:attribute|class)|rownum|s(?:ubstr(?:ing){0,1}|ys(?:c(?:at|o(?:lumn|nstraint)s)|dba|ibm|(?:filegroup|o ..." at ARGS_NAMES:object_name. [file "/var/cpanel/cwaf/rules/cwaf_02.conf"] [line "289"] [id "211540"] [msg "COMODO WAF: Blind SQL Injection Attack"] [data "Matched Data: object_name found within ARGS_NAMES:object_name: object_name"] [severity "CRITICAL"] [hostname "website domain here"] [uri "/shop/index.php"] [unique_id "U@vaQdmTUB4AADSrpOoAAAAC"]
=============================
I have disabled mod-securty for your domain now.
i hope this helps anyone which the same problem
Pages1