Hi,
I am getting following mail from paypal.
We are using latest version of clientexec.
Recently i have installed modsecurity in whm.
Here is the modsecurity log
callback.php is attached with this.
Is this related to modsecurity, if so, how can I fix it ?
Please help me to resolve this issue.
Thanks,
Annie
I am getting following mail from paypal.
Code:
Please check your server that handles PayPal Instant Payment Notifications (IPN). Instant Payment Notifications sent to the following URL(s) are failing:
http://billing.xx.com/plugins/gateways/paypal/callback.php
If you do not recognize this URL, you may be using a service provider that is using IPN on your behalf. Please contact your service provider with the above information. If this problem continues, IPNs may be disabled for your account.
Thank you for your prompt attention to this issue.
Thanks,
PayPalRecently i have installed modsecurity in whm.
Here is the modsecurity log
Code:
Message: Rule processing failed.
Message: Access denied with redirection to http://billing.xx.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: billing.xx.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"]
Action: Intercepted (phase 2)
Stopwatch: 1425287937186573 77823 (- - -)
Stopwatch2: 1425287937186573 77823; combined=399, p1=83, p2=181, p3=0, p4=0, p5=98, sr=34, sw=37, l=0, gc=0
Producer: ModSecurity for Apache/2.8.0 (http://www.modsecurity.org/); OWASP_CRS/3.0.0.
Server: Apache
Engine-Mode: "ENABLED"Is this related to modsecurity, if so, how can I fix it ?
Please help me to resolve this issue.
Thanks,
Annie
