• Resolved webrightnow

    (@webrightnow)


    Hi, I was going mad because since migrating my website to a new server, the photo gallery’s lightbox mode had stopped working: the loader would keep turning but the images wouldn’t appear, then eventually the connection with the server would be blocked and I’d have to refresh my dynamic IP to reconnect.
    It occurred to me to check the server’s firewall logs. It seems that when I try to load up the lightbox, mod_security is triggered and the firewall locks me out:
    92.xx.xxx.xx # lfd: (mod_security) mod_security (id:970901) triggered by 92.xx.xxx.xx (GB/United Kingdom/host-xx-xx-xxx-xx.as13285.net): 5 in the last 3600 secs – Fri Feb 5 14:39:23 2016

    Maybe the new server has tighter security measures. I certainly don’t want to disable mod_security just to get the plugin to work, so what could be causing the block? Or is it just a question of modifying the mod_security settings?

    Thanks!

    https://www.ads-software.com/plugins/photo-gallery/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter webrightnow

    (@webrightnow)

    I checked the mod_security logs. The block is caused by this:

    Multiple URL encoding detected

    SecRule ARGS "\%((?!$|\W)|[0-9a-fA-F]{2}|u[0-9a-fA-F]{4})" "phase:request, rev:'2', ver:'OWASP_CRS/3.0.0', maturity:'6', accuracy:'8', t:none, block, msg:'Multiple URL Encoding Detected', id:'950109', tag:'application-multi', tag:'language-multi', tag:'platform-multi', tag:'attack-protocol', tag:'OWASP_CRS/PROTOCOL_VIOLATION/EVASION', severity:'WARNING', setvar:'tx.msg=%{rule.msg}', setvar:tx.anomaly_score=+%{tx.warning_anomaly_score}, setvar:tx.%{rule.id}-OWASP_CRS/PROTOCOL_VIOLATION/EVASION-%{matched_var_name}=%{matched_var}"

    Any idea?
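
Added example, not part of the original thread or the plugin's code: a Python script that applies the regex from the rule quoted above to request arguments after one round of URL decoding, which is the form in which ModSecurity's ARGS collection holds them, and reports which parameter would trip the rule. The URLs and parameter names are constructed for illustration and are assumptions, not taken from the plugin.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Pattern copied from the SecRule quoted in the thread (id 950109).
RULE_950109 = re.compile(r"\%((?!$|\W)|[0-9a-fA-F]{2}|u[0-9a-fA-F]{4})")

def offending_args(url):
    """Return [(name, decoded_value)] for query arguments the rule matches.

    parse_qsl decodes each argument exactly once, so a '%' that is still
    present afterwards is what the rule (run with t:none) inspects.
    """
    pairs = parse_qsl(urlsplit(url).query, keep_blank_values=True)
    return [(name, value) for name, value in pairs if RULE_950109.search(value)]

# Constructed sample requests; host, path and parameter names are hypothetical.
BASE = "https://example.test/wp-admin/admin-ajax.php"
SAMPLES = {
    # Plain arguments: nothing left to decode, no match.
    "plain": BASE + "?action=gallery_box&image_id=12",
    # Value encoded twice by the client: '%2520' decodes to '%20', rule matches.
    "double_encoded": BASE + "?action=gallery_box&thumb=photo%2520one.jpg",
    # Literal percent sign followed by a space: no match.
    "percent_then_space": BASE + "?title=50%25+off",
    # Literal percent sign followed by a letter: matches, a false positive.
    "percent_then_word": BASE + "?title=100%25cotton",
}

if __name__ == "__main__":
    for label, url in SAMPLES.items():
        hits = offending_args(url)
        verdict = "MATCH" if hits else "ok"
        print(f"{label:20} {verdict:6} {hits}")
```

Running it against a request URL taken from the ModSecurity audit log names the argument that matched, which is the information needed to scope an exception to that one argument rather than switching the rule off everywhere.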

    Thread Starter webrightnow

    (@webrightnow)

    Well, I tried disabling the rule in mod_security and the lightbox seems to be working. Just hope this doesn’t somehow compromise security.

    Sona

    (@support-web-dorado)

    @webrightnow,

    This might be a strict security rule issue. But using an exception for our Photo Gallery will not cause any security issues, thus you don’t need to worry about it. Thank you.

  • The topic ‘Lightbox triggers mod_security block’ is closed to new replies.