Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

mode security code 406 error

Discussion in 'Workarounds and Optimization' started by k-planethost, Mar 27, 2011.

  1. k-planethost

    k-planethost Well-Known Member

    Joined:
    Sep 22, 2009
    Messages:
    199
    Likes Received:
    8
    Trophy Points:
    68
    Location:
    Athens Greece
    on customers wordpress sites i observe the following from mod security and csf at the end lock them out
    Access denied with code 406 (phase 2). Pattern match "(?:\b(?:(?:type\b\W*?\b(?:text\b\W*?\b(?:j(?:ava)?|ecma|vb)|application\b\W*?\bx-(?:java|vb))script|c(?:eek:pyparentfolder|reatetextrange)|get(?:special|parent)folder|iframe\b.{0,100}?\bsrc)\b|on(?:(?:mo(?:use(?:eek:(?:ver|ut)|down|move|up)|ve)|key(?:press|d ..." at REQUEST_FILENAME. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "120"] [id "950004"] [msg "Cross-site Scripting (XSS) Attack"] [data ".cookie"] [severity "CRITICAL"] [tag "WEB_ATTACK/XSS"]
    i have ConfigServer ModSecurity Control - cmc v1.02 on the server as well in case that needs triggering mod sec
    how can i fix this without disable mod_sec for specific domains?

    on joomla sites i have this error as well
    Access denied with code 406 (phase 2). Invalid UTF-8 encoding: invalid byte value in character at ARGS:subject. [offset "25"] [file "/usr/local/apache/conf/modsec2.user.conf"] [line "26"] [id "950801"] [msg "UTF8 Encoding Abuse Attack Attempt"] [severity "WARNING"]
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,170
    Likes Received:
    370
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    You can add those 2 IDs to bypass using CMC for just the domains having the issue if you like.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. k-planethost

    k-planethost Well-Known Member

    Joined:
    Sep 22, 2009
    Messages:
    199
    Likes Received:
    8
    Trophy Points:
    68
    Location:
    Athens Greece
    sorted excellent script the CMC
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice