klijent dobija 403 error i blokadu pristupa servera na nekih 10 do 15 minuta posle submit-a forme.
Naime, to je standardna forma sa par rich text editora (CKEditor) koja na submit upisuje sve te podatke u bazu.
Verujem da je do nekih tagova i ovog ModSecurity-a.
Ovo je iz error_log-a:
Code:
[Sat Sep 13 18:45:11 2014] [error] [client xx.xx.xx.xx] ModSecurity: [file "/etc/httpd/modsecurity.d/10_asl_rules.conf"] [line "1023"] [id "350147"] [rev "147"] [msg "Atomicorp.com WAF Rules: Potentially Untrusted Web Content Detected"] [data "10862"] [severity "CRITICAL"] Access denied with code 403 (phase 2). Match of "rx ((?:submit(?:\\\\+| )?(request)?(?:\\\\+| )?>+|<<(?:\\\\+| )remove|(?:sign ?in|log ?(?:in|out)|next|modifier|envoyer|add|continue|weiter|account|results|select)(?:\\\\+| )?>+)$|^< ?\\\\??(?: |\\\\+)?xml|^<samlp|^>> ?$)" against "REQUEST_URI" required. [hostname "example.com"] [uri "/add-product/"] [unique_id "VBTzJkJVoVIAAGGuSEgAAAAT"]
[Sat Sep 13 18:45:11 2014] [error] [client xx.xx.xx.xx] ModSecurity: [file "/etc/httpd/modsecurity.d/10_asl_rules.conf"] [line "1023"] [id "350147"] [rev "147"] [msg "Atomicorp.com WAF Rules: Potentially Untrusted Web Content Detected"] [data "10862"] [severity "CRITICAL"] Access denied with code 403 (phase 2). Match of "rx ((?:submit(?:\\\\+| )?(request)?(?:\\\\+| )?>+|<<(?:\\\\+| )remove|(?:sign ?in|log ?(?:in|out)|next|modifier|envoyer|add|continue|weiter|account|results|select)(?:\\\\+| )?>+)$|^< ?\\\\??(?: |\\\\+)?xml|^<samlp|^>> ?$)" against "REQUEST_URI" required. [hostname "example.com"] [uri "/add-product/"] [unique_id "VBTzJkJVoVIAAGGuSEgAAAAT"]
Klijent ima root pristup.
LAMP okruzenje, ako treba nesto vise da pitam klijenta?
Sta uraditi da ovo proradi?
Hvala
[Ovu poruku je menjao svepomalo dana 14.09.2014. u 05:17 GMT+1]