store | blogs | forums | twitter | facebook | wiki | downloads | support portal
Atomic Secure Linux
It is currently Sat Jul 26, 2014 1:11 pm

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]




Post new topic Reply to topic  [ 3 posts ] 
Author Message
 Post subject: error 403 when trying to pass full url from form to script
Unread postPosted: Mon Apr 19, 2010 5:28 pm 
Offline
New Forum User
New Forum User

Joined: Mon Apr 19, 2010 5:09 pm
Posts: 2
When i try to pass a full url (http://www.example.com) from a field in a form to a script, i get following error message in my log. (and the scipt won't run...the browser simply says "forbidden". )

This field is for people to enter their web addresses and picture URL's, so it's information I want. However, because it's recognized as a remote file injection attempt, my form won't work.

[Mon Apr 19 13:52:06 2010] [error] [client ] ModSecurity: [file "/etc/httpd/modsecurity.d/10_asl_rules.conf"] [line "815"] [id "340162"] [rev "177"] [msg "Atomicorp.com WAF Rules: Remote File Injection attempt in ARGS (AE)"] [data ""] [severity "CRITICAL"] Access denied with code 403 (phase 2). Match of "beginsWith http://%{SERVER_NAME}/" against "MATCHED_VAR" required. [hostname "www.eyetryon.com"] [uri "/merch/Update_Product.php"] [unique_id "IkJ@jwoHRisAAFPMRpIAAAAL"]


Top
 Profile  
 
 Post subject: Re: error 403 when trying to pass full url from form to scri
Unread postPosted: Mon Apr 19, 2010 6:26 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
User avatar

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 3600
Location: Chantilly, VA
Thats mod_security and probably a false positive, can you pull up the event in ASL and send us the event? We can put out a fix for the rules.

_________________
Michael Shinn
Atomicorp - Security For Everyone

Co-Author of Troubleshooting Linux Firewalls.


Top
 Profile  
 
 Post subject: Re: error 403 when trying to pass full url from form to scri
Unread postPosted: Wed Apr 21, 2010 12:16 pm 
Offline
New Forum User
New Forum User

Joined: Mon Apr 19, 2010 5:09 pm
Posts: 2
I don't think I have access to this, but I will ask my hosting company, and get back to you soon. Thank you so much.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 3 posts ] 

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group