Skip to main content

Mod_Security Log Entry

Comments

2 comments

  • cPanelMichael
    Hello :) Internal case CPANEL-268 is open to address the issue where autoconfig/autodiscover.cpanel.net needs to set a User-Agent string to avoid being blocked by the Atomicorp WAF Mod_Security rules. This rule ID is documented at:
    0
  • quizknows
    In addition to the information provided above by Michael, the requests are not attacks. They are legitimate requests from cPanel servers that happen to use a User-Agent that Atomicorp blocks by default. I reported this in the past and as Michael stated CPANEL-268 is open to address this. In the mean time if your server has a file at /etc/asl/whitelist you can add the cPanel autodiscover IP addresses to that file and restart apache, or temporarily disable rule 330039 in your ModSecurity configuration.
    0

Please sign in to leave a comment.