ModSecurity y Google

[migarcia]

Hay una regla de mod_security que rechaza las visitas de googlebot:

[Sat May 09 02:37:04 2015] [error] [client 66.249.65.61] ModSecurity: Access denied with redirection to domain.com/' using status 302 (phase 2). RBL lookup of domain.61.65.xxx.xx.dnsbl.httpbl.org succeeded at TX:real_ip. Search Engine: 0 days since last activity, threat score 5 [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-10-IP-REPUTATION.conf"] [line "60"] [id "981138"] [msg "HTTP Blacklist match for client IP."] [severity "CRITICAL"] [tag "Host: domain.com [tag "IP_REPUTATON/MALICIOUS_CLIENT"] [hostname "domain.com"] [uri "/ca/la-casa-2/"] [unique_id "VU1WsC5pFPYAAGJ-UDsAAAAI"]

y pasa continuamente, en CSF añado las ips dinamicamente a la lista blanca si vienen de google, pero como puedo solucionarlo en Mod_Security

 

[cPanelMichael]

Hello,

You can disable that OWASP rule and then report it to the vendor if it's not working as intended. This thread is helpful:

https://forums.cpanel.net/threads/owasp-mod-security-and-wordpress.452091/

Thank you.

Translation:

Hola,

Puede desactivar esa regla OWASP y luego informar al proveedor si no está funcionando según lo previsto. Este hilo es de gran ayuda:

https://forums.cpanel.net/threads/owasp-mod-security-and-wordpress.452091/

Gracias.

 

[migarcia]

Gracias.

 

[migarcia]

Pero...cuando intento informar recibo este error:

Warning:The system was unable to submit the request: curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed More details here: http://curl.haxx.se/docs/sslcerts.html curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). The default bundle is named curl-ca-bundle.crt; you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option.

 

[cPanelMichael]

Could you open a support ticket using the link in my signature so we can take a closer look? You can post the ticket number here so we can update this thread with the outcome.

Thank you.

Translation:

Podría abrir un ticket de soporte utilizando el enlace en mi firma para que podamos tomar una mirada más cercana? Puede publicar el número de entradas aquí para que podamos actualizar este hilo con el resultado.

Gracias.