The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

mod security blocking google

Discussion in 'Security' started by screege, Nov 19, 2008.

  1. screege

    screege Well-Known Member

    Joined:
    Aug 11, 2004
    Messages:
    187
    Likes Received:
    0
    Trophy Points:
    166
    Hi is there a way to stop mod security from blocking bots loke google bot or msn bot. I get repeteadly this:

    Access denied with code 406 (phase 2). Invalid UTF-8 encoding: invalid byte value in character at ARGS:searchword. [offset "3"] [file "/usr/local/apache/conf/modsec2.user.conf"] [line "20"] [id "950801"] [msg "UTF8 Encoding Abuse Attack Attempt"] [severity "WARNING"]

    Thanks
     
  2. screege

    screege Well-Known Member

    Joined:
    Aug 11, 2004
    Messages:
    187
    Likes Received:
    0
    Trophy Points:
    166
    can anyone help?
     
  3. zigzam

    zigzam Well-Known Member

    Joined:
    May 9, 2005
    Messages:
    206
    Likes Received:
    0
    Trophy Points:
    166
    Remove that rule.
     
  4. screege

    screege Well-Known Member

    Joined:
    Aug 11, 2004
    Messages:
    187
    Likes Received:
    0
    Trophy Points:
    166
    Wow how do I remove it, I know it has to be removed my question is where is it. I have the default cpanel copnfig.
     
  5. nickp666

    nickp666 Well-Known Member

    Joined:
    Jan 28, 2005
    Messages:
    770
    Likes Received:
    2
    Trophy Points:
    168
    Location:
    /dev/null
    in WHM under plugins, you should have 'mod security', go to that, and there is an 'edit config' button, press that, make your changes, save it, then restart apache
     
  6. screege

    screege Well-Known Member

    Joined:
    Aug 11, 2004
    Messages:
    187
    Likes Received:
    0
    Trophy Points:
    166
    Yes thanks I know how to edit rules, what I do not know is which rule is causing mod security to trigger that.

    Thanks
     
  7. cbwass

    cbwass Well-Known Member

    Joined:
    Mar 29, 2002
    Messages:
    148
    Likes Received:
    0
    Trophy Points:
    316
    Search rules for [id "950801"]
     
  8. hzJayJ

    hzJayJ Well-Known Member

    Joined:
    Nov 14, 2008
    Messages:
    76
    Likes Received:
    1
    Trophy Points:
    58
    mod_security

    If you find that mod_security is interfering too much with your web applications, you can disable it easily.

    1. Create an .htaccess file in the directory of the script that is having trouble.

    2. To disable mod_security completely, add the following line to the .haccess file.

    SecFilterEngine Off

    To disable HTTP POST scanning only, use the following instead:

    SecFilterScanPOST Off

    3. Save the file and test your site to ensure that disabling mod_security has solved your problem
     
  9. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    15,430
    Likes Received:
    285
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:

    What version of Apache are you running?
     
  10. screege

    screege Well-Known Member

    Joined:
    Aug 11, 2004
    Messages:
    187
    Likes Received:
    0
    Trophy Points:
    166
    Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8b
     
  11. screege

    screege Well-Known Member

    Joined:
    Aug 11, 2004
    Messages:
    187
    Likes Received:
    0
    Trophy Points:
    166
    I get 500 internal server erros I am using suphp is there a way to put it in a local php.ini the http post?

    Thanks
     
  12. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    15,430
    Likes Received:
    285
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
Loading...

Share This Page