fbpx

204,593+ downloads

0
  Monday, 03 September 2018
  2 Replies
  864 Visits
  Subscribe
After login the bank-end through a seller, when I try to update bank information followed by save button; the page becomes inaccessible. It gives the following error. If I rename the "sellcious" folder it is again accessible.

HTTP Error 403 - Forbidden
Error. Page cannot be displayed. Please contact your service provider for more details. (30)

The website is hosted in HostGator and I created a ticket for this issue. They responded like below...

Upon checking we found that mod security rule was blocking your website.

ModSecurity is one of the apache server modules that provides a complete website protection by defending hackers and other malicious attacks. It is a set of rules with regular expressions that helps to instantly ex-filtrate the commonly known exploits.ModSecurity obstructs the processing of invalid data (code injection attacks) to reinforce and nourish server's security

We found following error logs for your domain :

[Sun Sep 02 15:03:45.631298 2018] [:error] [pid 26491:tid 140563493766912] [client 111.93.159.50:0] [client 111.93.159.50] ModSecurity: Warning. Operator GE matched 5 at TX:inbound_anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/RESPONSE-980-CORRELATION.conf"] [line "37"] [id "980130"] [msg "Inbound Anomaly Score Exceeded (Total Inbound Score: 5 - SQLI=0,XSS=0,RFI=0,LFI=5,RCE=0,PHPI=0,HTTP=0,SESS=0): OS File Access Attempt"] [tag "event-correlation"] [hostname "universaluse.com"] [uri "/errors/mdh-403.html"] [unique_id "W4v70SYUr9-KskqDQ9S2@wAAAAg"], referer: https://universaluse.com/sellacious10/index.php?option=com_sellacious&view=profile

Please note that we can not white list this rule because white listing the above mentioned rule will leave the server vulnerable so Please contact your web developer to check the code.
Thank you for reporting. kindly DM us server access/cpanel access so that we can look into this further. It looks as if your server provider is blocking some of our scripts by mistake.

-Abhishek
4 years ago
·
#2401
Thanks for the response. I've updated the credentials.
  • Page :
  • 1
There are no replies made for this post yet.
Be one of the first to reply to this post!
  • +1 (408) 821-8283
  • Email hello@sellacious.com