![]() ![]() The firewall is getting pretty nervous about that! Understandable: it’s a random script with weird looking data… With severity “CRITICAL” (Note if you see a severity of DEBUG or WARNING, those are not likely to be responsible for a visible 403 error).When it was submitting an image in encoded base64 format ( data:image/png base64).That it considered a XSS Attack (Cross Site Scripting).Some kind of script ( javascript, livescript, etc).Some entries are for debugging or general information, not all are for blocking.) Access was denied with a forbidden error ( code 403) (Note: if you do not see ‘code 403’ or ‘Access denied’, then the ModSecurity log entry you’re looking at is not relevant: move on to the next one.Reading the bold sections in order, this error is stating that the firewall found: ![]() We’ve also made certain parts bold to indicate what is most relevant to us. [data "Matched Data: data: found within ARGS:input_5_7_data_canvas: data:image/png base64, to make this a bit more readable. Pattern match "( asfunction|data|javascript|livescript|mocha|vbscript):" at ARGS:input_5_7_data_canvas. It’s important to identify the log entries that directly correspond with the action you’re taking, otherwise, you’ll end up both weakening the firewall and not resolving the problem at the same time.įirewall related errors will look similar to this: ModSecurity: Access denied with code 403 (phase 2). Check out our guide on how to use the Plesk file manager to analyze your website logs.īecause our web application firewall helps to block common attacks, you might see many ModSecurity entries in the log. The first step is to check the server logs to find out why it’s providing such an error. Note that the rules are most likely to affect submitting data to the server, like when submitting a form or updating data in the backend of your site. This can happen seemingly out of the blue because our firewall rules are updated on a weekly basis potentially adding new rules each week that could affect the operation of your site. If you’re getting a 403 forbidden error that doesn’t match one of the actions above, you may wish to first check out our general guide to troubleshooting 403 errors. When adding javascript or PHP code through your website’s admin panel (and not the Plesk File Manager or FTP).If you use the Divi theme/builder for WordPress, it will indicate something like “Error while saving the page” then provide a list of potential causes.Using any website builder, it might fail to save your changes.Here’s some common scenarios when this happens: However, in some cases, legitimate actions can be incorrectly identified as an attack and your action will be blocked. Way more often than not, our web application firewall (called Mod Security or modsec) is protecting your website from automated hacking attempts. A 403 forbidden error most frequently occurs when our security systems are protecting your site. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |