PayPal Instant Payment Notification Warning
Hi,
I am getting following mail from paypal.
We are using latest version of clientexec. Recently i have installed modsecurity in whm. Here is the modsecurity log
callback.php is attached with this. Is this related to modsecurity, if so, how can I fix it ? Please help me to resolve this issue. Thanks, Annie
Please check your server that handles PayPal Instant Payment Notifications (IPN). Instant Payment Notifications sent to the following URL(s) are failing:
http://billing.xx.com/plugins/gateways/paypal/callback.php
If you do not recognize this URL, you may be using a service provider that is using IPN on your behalf. Please contact your service provider with the above information. If this problem continues, IPNs may be disabled for your account.
Thank you for your prompt attention to this issue.
Thanks,
PayPal
We are using latest version of clientexec. Recently i have installed modsecurity in whm. Here is the modsecurity log
Message: Rule processing failed.
Message: Access denied with redirection to http://billing.xx.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"> [line "299"> [id "960015"> [rev "3"> [msg "Request Missing an Accept Header"> [severity "NOTICE"> [ver "OWASP_CRS/3.0.0"> [maturity "9"> [accuracy "8"> [tag "Host: billing.xx.com"> [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"> [tag "WASCTC/WASC-21"> [tag "OWASP_TOP_10/A7"> [tag "PCI/6.5.10">
Action: Intercepted (phase 2)
Stopwatch: 1425287937186573 77823 (- - -)
Stopwatch2: 1425287937186573 77823; combined=399, p1=83, p2=181, p3=0, p4=0, p5=98, sr=34, sw=37, l=0, gc=0
Producer: ModSecurity for Apache/2.8.0 (http://www.modsecurity.org/); OWASP_CRS/3.0.0.
Server: Apache
Engine-Mode: "ENABLED"
callback.php is attached with this. Is this related to modsecurity, if so, how can I fix it ? Please help me to resolve this issue. Thanks, Annie
-
Home " Security Center " ModSecurity" Tools " Hits List In top search tool there, type this: 960015 In results, click the "Rule ID" to right side. Untick, "Enable Rule" Click Save. 0 -
Apparently Mod security isn't foolproof, and some rules may have to be disabled to allow it to work for your particular setup. Incidentally 960015 was one of the first ones I had to disable. 0
Please sign in to leave a comment.
Comments
2 comments