Godaddy shared hosting get blocked out (probably by mod_security) when using some scripts.

[SuperBaby]

I have two different file management scripts installed. They are available free from Filegator.com and Nextcloud.com.

When I try to use the search feature in Filegator and to edit a display text in Nextcloud (see screenshots attached), I will be blocked out (most probably by mod_security). When this happens, I have to restart my modem to acquire a new IP address so that I can access the sites again.

mod_security control is NOT available in cPanel interface of Godaddy shared hosting. I have talked to Godaddy support team and it seems that they did not know what was happening and how to help me out.

Is there a way for me to do something. I tried to add this in htaccess file and placed it under the root but it was not working.

<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>

 

[cPanelLauren]

The pictures of the program's search bars are not really helpful. What is the error you're receiving and/or what is reported in the error logs which can be found in cPanel>>Metrics>>Errors

 

[SuperBaby]

I am on Godaddy shared hosting. Unfortunately there is no useful screenshot I can show. Because when the alarm is triggered, there is no error message. The site simply halts.

I have also check the error log and there is nothing recorded.

I tried to disable mod_security in htaccess file but it is not working.

 

[ZenHostingTravis]

It sounds like you're not getting the support you need from the GoDaddy team.

If a rule is being triggered, they should be able to disable it for you or take other action to assist you further.

 

[SuperBaby]

It sounds like you're not getting the support you need from the GoDaddy team.

If a rule is being triggered, they should be able to disable it for you or take other action to assist you further.

Yeah... I told Godaddy to whitelist my domain under the mod_security whitelist. They asked me to upgrade to virtual or dedicated server. Well, I have just downgraded from a dedicated server.

 

[ZenHostingTravis]

Yeah... I told Godaddy to whitelist my domain under the mod_security whitelist. They asked me to upgrade to virtual or dedicated server. Well, I have just downgraded from a dedicated server.

It really shouldn't matter if you're on shared hosting or a VPS / dedicated server.

 

[SuperBaby]

It really shouldn't matter if you're on shared hosting or a VPS / dedicated server.

Yes, that was what I thought. Terrible.

 

[cPanelLauren]

I'm not sure what they include in their shared plans but cPanel does provide a ModSecurity interface at cPanel>>Security>>ModSecurity where you can disable it for your domains (1 or all) which might help you confirm whether or not it is ModSecurity, that is if they include this interface in the plan.

If they do and you can confirm it works with ModSecurity disabled, GoDaddy does have the ability to look at ModSecurity logs and tell you which rule is being matched and what that rule entails so that you can better manage your site to avoid false positives.

 

[SuperBaby]

I'm not sure what they include in their shared plans but cPanel does provide a ModSecurity interface at cPanel>>Security>>ModSecurity where you can disable it for your domains (1 or all) which might help you confirm whether or not it is ModSecurity, that is if they include this interface in the plan.

If they do and you can confirm it works with ModSecurity disabled, GoDaddy does have the ability to look at ModSecurity logs and tell you which rule is being matched and what that rule entails so that you can better manage your site to avoid false positives.

Unfortunately Godaddy has turned it off for shared hosting. I know the existence of this feature as I have managed a dedicated server before.

 

[cPanelLauren]

Unfortunately Godaddy has turned it off for shared hosting. I know the existence of this feature as I have managed a dedicated server before.

Yea and if they are unwilling to provide you the rule that is being matched as well as how it is avoided you're a bit stuck.