The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

mod security is blocking jquery menu

Discussion in 'Security' started by crazyaboutlinux, Mar 21, 2009.

  1. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    Hi Guy's

    mod security is blocking jquery menu to load in website trinityindia.org

    please tell how to fix this issue

    Nilesh
     
    #1 crazyaboutlinux, Mar 21, 2009
    Last edited by a moderator: Mar 28, 2009
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,478
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Have you checked your logs to see which rule is blocking? You should be getting an email about it right?

    Just for fun if you want, change the directory name libs to something else and edit your file to reflect the change.

    (from your page)
    ajax/libs/jquery/1.2.6/jquery.min.js

    to

    ajax/files/jquery/1.2.6/jquery.min.js

    I recall a problem I had a while back similar to this and that was what I did to get around something being blocked by mod_sec, I think. ;)

    You might also try moving the jquery files to your own server instead of linking to googleapi.

    Not sure if either is worth anything to you, but without the error log, could be lots of things I suppose.
     
  3. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    i didn't receive any email for that & do let me know how to get log & check error log message

    trinityindia.org/index.htm

    is stuck due to a blocked file....

    error_message: $.cookie is not a function

    the code that cause it :
    var stored = $.cookie(settings.cookieId);

    the file that the code was in :
    jquery.treeview.js (attached here)

    the reason is :
    you are blocking the file....
    jquery.cookie.js

    as explained in this url:

    http://drupal.org/node/271463">http://drupal.org/node/271463

    What more do i have to tell you ....

    regards,
    Nilesh
     
    #3 crazyaboutlinux, Mar 23, 2009
    Last edited by a moderator: Mar 28, 2009
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,478
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    You might consider installing a firewall that sends you alerts for many things, CSF. http://www.configserver.com/cp/csf.html

    You'll need to check your logs for an error message about this for clues.

    Or, try what I suggested above.

    Or, check to make sure this file is located where it's supposed to be:

    "An appropriate representation of the requested resource /jquery.cookie.js could not be found on this server."
    trinityindia.org/jquery.cookie.js

    Or, add the full path to it in your code to see if that helps.

    src="jquery.cookie.js"

    Are you sure you even have mod_sec installed?

    I can't assist you with coding of your webpage, that's out of the scope of these forums.

    If you're unsure how to check a few of these, contact your host for assistance.
     
  5. rhenderson

    rhenderson Well-Known Member

    Joined:
    Apr 21, 2005
    Messages:
    785
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Oklahoma
    cPanel Access Level:
    Root Administrator
    Check the Mod Security under plugins in WHM and read the message see exactly what is says. Something like: (The below is just an example of the message put out by mod secuirty it is not your error)

    Then you can delee the rule if it is causing problems, if we wanted to delete this rule we would
    Code:
    nano +40 /usr/local/apache/conf/modsec_rules/10_asl_rules.conf
    The +40 takes us to line 40 so we can find the rule easily. Then comment out the rule if that is what you want to do.
     
  6. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    i got below from mod_security

    kindly help me to resolve this issue

    /jquery.cookie.js HTTP/1.1 Access denied with code 406 (phase 2). Pattern match "(?:\b(?:eek:n(?:(?:mo(?:use(?:eek:(?:ver|ut)|down|move|up)|ve)|key(?:press|down|up)|c(?:hange|lick)|s(?:elec|ubmi)t|(?:un)?load|dragdrop|resize|focus|blur)\b\W*?=|abort\b)|(?:l(?:eek:wsrc\b\W*?\b(?:(?:java|vb)script|shell)|ivescript)|(?:href|url)\b\W*?\b(?:(?:j ..." at REQUEST_FILENAME. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "79"] [id "950004"] [msg "Cross-site Scripting (XSS) Attack. Matched signature <.cookie>"] [severity "CRITICAL"] 406
     
  7. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    Access denied with code 406 (phase 1). Match of "rx ^((?:(?:POS|GE)T|OPTIONS|HEAD))$" against "REQUEST_METHOD" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "36"] [id "960032"] [msg "Method is not allowed by policy"] [severity "CRITICAL"]
     
  8. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    Access denied with code 406 (phase 2). Pattern match "(?:\b(?:eek:n(?:(?:mo(?:use(?:eek:(?:ver|ut)|down|move|up)|ve)|key(?:press|down|up)|c(?:hange|lick)|s(?:elec|ubmi)t|(?:un)?load|dragdrop|resize|focus|blur)\b\W*?=|abort\b)|(?:l(?:eek:wsrc\b\W*?\b(?:(?:java|vb)script|shell)|ivescript)|(?:href|url)\b\W*?\b(?:(?:j ..." at REQUEST_FILENAME. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "79"] [id "950004"] [msg "Cross-site Scripting (XSS) Attack. Matched signature <.cookie>"] [severity "CRITICAL"]
     
  9. rhenderson

    rhenderson Well-Known Member

    Joined:
    Apr 21, 2005
    Messages:
    785
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Oklahoma
    cPanel Access Level:
    Root Administrator
    Looks like it is there

    nano +79 /usr/local/apache/conf/modsec2.user.conf

    Hopefully the modsec2.user.conf will have a few lines like

    #Some Rule
    Some Rule here
    Maybe on two lines

    Then just change it to

    #Some Rule
    #Some Rule here
    #Maybe on two lines

    Restart apache and see if it corrects the issue, if not undo the changes.
     
  10. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    this is not helping me
     
  11. rhenderson

    rhenderson Well-Known Member

    Joined:
    Apr 21, 2005
    Messages:
    785
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Oklahoma
    cPanel Access Level:
    Root Administrator
    Sorry it is not helping, mod_secuirty is blocking it, you showed that, removing the rule and restarting apache should cure that problem, there may be more than one rule blocking it. I do not think I am clearly getting through, you should probably hire an sys admin to fix the problem or drop a line to cpanel.
     
  12. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    Did you actually want help from us? If so, you'll need to be explicit about why it is not helping you. Do you not understand it? Do you not have root access on your server? If not, you'll need to ask your server admin. If you do have root access, you'll need to ask someone to help you administer your server. Or be willing to do some more research yourself.
     
  13. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    Hi Guy's

    please close this issue our client has made other file instead of js & now its working fine

    Thanks a lot for your kind support

    you can check this website trinityindia.org
     
    #13 crazyaboutlinux, Mar 28, 2009
    Last edited by a moderator: Mar 28, 2009
Loading...

Share This Page