Skip to main content

mod-security denying post method due to client's text matching pattern

Comments

8 comments

  • cPanelWilliam
    Hello! For situations such as this, you could either whitelist your client's IP within ModSecurity or whitelist the rule that they are triggering: How to whitelist mod_security rule / rule set globally
    0
  • nishu_pixofix
    Thank you for your kind response! It's interesting to learn about the IP whitelist feature, so, thanks! but I'm afraid it won't be possible to fixate on a specific client or a specific IP, for that matter. I was following the mod security rule link to get a better understanding, but when I logged in to WHM and went to the rule page, it's empty and saying you have no rules (screenshot attached). Even searching by a rule ID from the hit list also not producing any result, am I missing something here? thanks!
    0
  • nishu_pixofix
    Sorry I just found that clicking on a rule in the hit list page is producing error (screenshot attached). Maybe it's related to the list being empty? thanks!
    0
  • cPRex Jurassic Moderator
    That's definitely interesting. Since the tool is flagging content based on rules, I'm guessing there is some type of ruleset installed. Can you confirm that is in place in WHM >> ModSecurity Vendors?
    0
  • nishu_pixofix
    That's definitely interesting. Since the tool is flagging content based on rules, I'm guessing there is some type of ruleset installed. Can you confirm that is in place in WHM >> ModSecurity Vendors?

    yes, thank you for pointing me the way. i found one in that page (please see attachment), but it's also saying that the vendor is not installed! now i'm not too familiar with the overall procedure, but wondering how it's working if not installed or something! TIA!
    0
  • cPRex Jurassic Moderator
    This gets more interesting as we go! It might be worth submitting a ticket to our team so we can see what is happening directly on the system.
    0
  • nishu_pixofix
    This gets more interesting as we go! It might be worth submitting a ticket to our team so we can see what is happening directly on the system.

    understood, i'll submit a technical support request (guess that's the one you're talking about, never submitted a ticket here before). thanks for your guidance!
    0
  • cPRex Jurassic Moderator
    Once you have it, let me know the ticket number so I can follow along!
    0

Please sign in to leave a comment.