[line "309"] [id "350147"]
Posted: Fri Jan 08, 2016 9:47 am
I have my application hosted at Alphamegahosting.
Recently they have upgraded their security layer and now I am dealing with problems I am not able to solve.
On my webpage I use CDKEDITOR to let the user fill in some content and submit it.
I get next message in my error log:
[Fri Jan 08 14:26:59 2016] [error] [client 62.195.103.165] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ((?:submit(?:\\\\+| )?(request)?(?:\\\\+| )?>+|<<(?:\\\\+| )remove|(?:sign ?in|log ?(?:in|out)|next|modifier|envoyer|add|continue|weiter|account|results|select)?(?:\\\\+| )?>+)$|^< ?\\\\??(?: |\\\\+)?xml|^<samlp|^>> ?$)" against "ARGS:bericht4" required. [file "/etc/apache2/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf"] [line "309"] [id "350147"] [rev "143"] [msg "Protected by Atomicorp.com Basic Non-Realtime WAF Rules: Potentially Untrusted Web Content Detected"] [data ""] [severity "CRITICAL"] [hostname "www.itclubsupport.nl"] [uri "/clubsupport/programmatuur/INGELOGD/LOGIN overzicht/LOGIN php/LOGIN webmaster/LOGIN beheren formulieren/LOGIN voeg formulier toe in tabel.php"] [unique_id "Vo@5I1ZtCwEAARujn3UAAAAD"]
When a user enters "hello", then enter (next sentence) and than "hello" again it is working fine.
However when instead of 1 time enter, the user puts 2 enters I get error 403 with above message.
Does anybody have a glue how to solve this?
Recently they have upgraded their security layer and now I am dealing with problems I am not able to solve.
On my webpage I use CDKEDITOR to let the user fill in some content and submit it.
I get next message in my error log:
[Fri Jan 08 14:26:59 2016] [error] [client 62.195.103.165] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ((?:submit(?:\\\\+| )?(request)?(?:\\\\+| )?>+|<<(?:\\\\+| )remove|(?:sign ?in|log ?(?:in|out)|next|modifier|envoyer|add|continue|weiter|account|results|select)?(?:\\\\+| )?>+)$|^< ?\\\\??(?: |\\\\+)?xml|^<samlp|^>> ?$)" against "ARGS:bericht4" required. [file "/etc/apache2/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf"] [line "309"] [id "350147"] [rev "143"] [msg "Protected by Atomicorp.com Basic Non-Realtime WAF Rules: Potentially Untrusted Web Content Detected"] [data ""] [severity "CRITICAL"] [hostname "www.itclubsupport.nl"] [uri "/clubsupport/programmatuur/INGELOGD/LOGIN overzicht/LOGIN php/LOGIN webmaster/LOGIN beheren formulieren/LOGIN voeg formulier toe in tabel.php"] [unique_id "Vo@5I1ZtCwEAARujn3UAAAAD"]
When a user enters "hello", then enter (next sentence) and than "hello" again it is working fine.
However when instead of 1 time enter, the user puts 2 enters I get error 403 with above message.
Does anybody have a glue how to solve this?