ModSecurity issues since 11.48

mitk · Mar 10, 2015

So i upgraded and setup my vendors to be with the OWASP ModSecurity Core Rule Set but now i am getting a lot of reports of issues, people not being able to login to joomla admin or people getting banned for just trying to login to a backend once.

Anyone having any issues?

mitk · Mar 10, 2015

Here is an example of an IP banned that was just trying to view a new photo gallery

Time: Tue Mar 10 19:28:43 2015 -0400
IP: 71.000.000.143 (Blah)
Failures: 5 (mod_security)
Interval: 3600 seconds
Blocked: Permanent Block

Log entries:

- Removed Output No Need Here -

Infopro · Mar 10, 2015

I've removed that output, no need here. If you do a search on the forums you'll find a few threads discussing these issues and there are suggestions on how to disable, and report, rules affecting your sites. Here's one of those:
https://forums.cpanel.net/threads/owasp-mod-security-and-wordpress.452091/

mitk · Mar 10, 2015

thank you

Infopro · Mar 11, 2015

You're certainly welcome.

Thread starter	Similar threads	Forum	Replies	Date
K	HTTP ERROR 500 - security2:error - ModSecurity	Security	2	Wednesday at 10:28 PM
	ModSecurity Tools not logging all hits	Security	15	Mar 23, 2023
I	ModSecurity issues false positive on WordPress	Security	1	Mar 24, 2020
S	Issues with modsecurity OWASP and false positives.	Security	41	Jul 18, 2016
	ModSecurity 2.7.3 Issues	Security	12	Jul 2, 2013

Search

Search

ModSecurity issues since 11.48

mitk

Well-Known Member

mitk

Well-Known Member

Infopro

Well-Known Member

mitk

Well-Known Member

Infopro

Well-Known Member