The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

mod security blocking google

Discussion in 'Security' started by screege, Nov 19, 2008.

  1. screege

    screege Well-Known Member

    Joined:
    Aug 11, 2004
    Messages:
    186
    Likes Received:
    0
    Trophy Points:
    16
    Hi is there a way to stop mod security from blocking bots loke google bot or msn bot. I get repeteadly this:

    Access denied with code 406 (phase 2). Invalid UTF-8 encoding: invalid byte value in character at ARGS:searchword. [offset "3"] [file "/usr/local/apache/conf/modsec2.user.conf"] [line "20"] [id "950801"] [msg "UTF8 Encoding Abuse Attack Attempt"] [severity "WARNING"]

    Thanks
     
  2. screege

    screege Well-Known Member

    Joined:
    Aug 11, 2004
    Messages:
    186
    Likes Received:
    0
    Trophy Points:
    16
    can anyone help?
     
  3. zigzam

    zigzam Well-Known Member

    Joined:
    May 9, 2005
    Messages:
    206
    Likes Received:
    0
    Trophy Points:
    16
    Remove that rule.
     
  4. screege

    screege Well-Known Member

    Joined:
    Aug 11, 2004
    Messages:
    186
    Likes Received:
    0
    Trophy Points:
    16
    Wow how do I remove it, I know it has to be removed my question is where is it. I have the default cpanel copnfig.
     
  5. nickp666

    nickp666 Well-Known Member

    Joined:
    Jan 28, 2005
    Messages:
    770
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    /dev/null
    in WHM under plugins, you should have 'mod security', go to that, and there is an 'edit config' button, press that, make your changes, save it, then restart apache
     
  6. screege

    screege Well-Known Member

    Joined:
    Aug 11, 2004
    Messages:
    186
    Likes Received:
    0
    Trophy Points:
    16
    Yes thanks I know how to edit rules, what I do not know is which rule is causing mod security to trigger that.

    Thanks
     
  7. cbwass

    cbwass Well-Known Member

    Joined:
    Mar 29, 2002
    Messages:
    148
    Likes Received:
    0
    Trophy Points:
    16
    Search rules for [id "950801"]
     
  8. hzJayJ

    hzJayJ Well-Known Member

    Joined:
    Nov 14, 2008
    Messages:
    76
    Likes Received:
    1
    Trophy Points:
    8
    mod_security

    If you find that mod_security is interfering too much with your web applications, you can disable it easily.

    1. Create an .htaccess file in the directory of the script that is having trouble.

    2. To disable mod_security completely, add the following line to the .haccess file.

    SecFilterEngine Off

    To disable HTTP POST scanning only, use the following instead:

    SecFilterScanPOST Off

    3. Save the file and test your site to ensure that disabling mod_security has solved your problem
     
  9. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,478
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:

    What version of Apache are you running?
     
  10. screege

    screege Well-Known Member

    Joined:
    Aug 11, 2004
    Messages:
    186
    Likes Received:
    0
    Trophy Points:
    16
    Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8b
     
  11. screege

    screege Well-Known Member

    Joined:
    Aug 11, 2004
    Messages:
    186
    Likes Received:
    0
    Trophy Points:
    16
    I get 500 internal server erros I am using suphp is there a way to put it in a local php.ini the http post?

    Thanks
     
  12. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,478
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
Loading...

Share This Page