Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

ModSecurity disabled but ModSecurity: Access denied with redirection to

Discussion in 'General Discussion' started by jonh, Mar 28, 2016.

  1. jonh

    jonh Well-Known Member

    Feb 15, 2016
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    ModSecurity is enabled, I'm not sue what I wasn't seeing the settings pages before. I'm just not sure why one website would be having this issue. It's basically making the website inaccessible.

    It's a basic wordpress website. It was working fine on another cpanel server just the other day. I migrated all sites to a new server and this one site is having this issue now.

    981257: Detects MySQL comment-/space-obfuscated injections and backticktermination

    I've disabled this rule in mod security and the error still occurs after restarting apache.

    I've disabled OWASP ModSecurity Core Rule Set for now so the site is back up.

    [Mon Mar 28 11:54:38.453277 2016] [:error] [pid 10781:tid 139999104182016] [client] ModSecurity: Access denied with redirection to using status 302 (phase 2). Pattern match "(?i:(?:,.*?[)\\\\da-f\\"'`][\\"'`](?:[\\"'`].*?[\\"'`]|\\\\Z|[^\\"'`]+))|(?:\\\\Wselect.+\\\\W*?from)|((?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\\\\s*?\\\\(\\\\s*?space\\\\s*?\\\\())" at REQUEST_COOKIES:_tidioOne_. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-42-APPLICATION-ATTACK-SQLI.conf"] [line "82"] [id "981257"] [rev "2"] [msg "Detects MySQL comment-/space-obfuscated injections and backtick termination"] [data "Matched Data: ,\\x22string\\x22],\\x22tidioOneFlagAutoCreateVisitor\\x22:[\\x221\\x22, found within REQUEST_COOKIES:_tidioOne_: {\\x22tidioOneVistiorId\\x22:[\\x222qjeon24m7l3ezy1mkhflzkeutbf368m\\x22,\\x22string\\x22],\\x22tidioOneFlagAutoCreateVisitor\\x22:[\\x221\\x22,\\x22string\\x22],\\x22tidioOneVisitorDataHash\\x22:[\\x2299914b932bd37a50b983c5e7c90ae93b\\x22,\\x22string\\x22]}"] [severity "CRITICAL"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.doma [hostname ""] [uri "/"] [unique_id "VvlTvmjPh8gAACodJDQAAABI"]
    #1 jonh, Mar 28, 2016
    Last edited: Mar 28, 2016
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Apr 11, 2011
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice