Hello,
we have buy a plugin for our e-shop which communicate with google fire base for showing a pop up notification (accept YES/NO) to the user in order to get notifications for our e-shop while he isn't in it (through chrome).
We have enable fail2ban module in plesk and plesk-modsecurity jail too.
The problem is when we browse our e-shop (and every user) after the max retries of plesk-modsecurity jail user is banned.
Below you can see the error from log of apache. The result is that plugin doesn't work and also user is banned. Can you please help to find a solution for this error without need to disable rule id 340162 in order to be secure?
[client XX.XX.XX.XX] ModSecurity: [file "/etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf"] [line "179"] [id "340162"] [rev "294"] [msg "Protected by Atomicorp.com Basic Non-Realtime WAF Rules: URL detected as argument, possible RFI attempt detected"] [data "%TX:1,TX:1"] [severity "CRITICAL"] Access denied with code 403 (phase 2). Match of "beginsWith %{request_headers.host}" against "TX:1" required. [hostname "www.domain.com.gr"] [uri "/index.php"] [unique_id "Wh34QRnFLoVvc2Vk2BCdQwAAAZY"], referer: https://www.domain.com.gr/
Regards
rule id 340162
Community support forums for the free/delayed modsecurity rules feed. There is no such thing as a bad question here as long as it pertains to using the delayed modsecurity rules feed. Newbies feel free to get help getting started or asking questions that may be obvious.
Return to “Atomicorp Free Modsecurity Rules”
Jump to
- Customer Support Forums
- ↳ Atomicorp Announcements
- ↳ Security Alerts
- ↳ Atomic Protector (formerly ASL)
- ↳ Atomic OSSEC
- ↳ Atomicorp Modsecurity Rules Support
- ↳ Atomicorp Threat Intelligence System
- ↳ Feature Requests
- Community Support Forums
- ↳ Atomicorp Free Modsecurity Rules
- ↳ OSSEC
- ↳ Modsecurity
- ↳ OpenVAS
- ↳ Firewall Help and Discussion
- ↳ Control Panel Support Help
- ↳ Virtualization Help and Discussion
- ↳ Anti-Spam Help and Discussion
- ↳ Help with other free stuff
- Atomic Repository Forums
- ↳ Atomic Repository Announcements
- ↳ General Help and Development Discussion
- ↳ PHP Help and Discussion
- ↳ MySQL / MariaDB Database Help and Discussion
- ↳ Requests
- ↳ Atomic Secured Windows
- ↳ Tortix: Atomic Secured Enterprise
- ↳ Atomic Secured Linux Beta and Test Builds
- ↳ Nucleus Repository Help