Hosting Mod Security Errors

[ibenick]

I recently moved my site to a new hosting company. I thought it would be a great change from my previous one but it has been kind of a nightmare so far. I am getting constant Forbidden errors related to the mod security rules. Every time I get it, I have to email my hosting support and they whitelist the action for that URL. But if I try to do the same thing, let say inline edit a post, but in a different thread. I get errors. If I persist, my IP gets blocked from my own website.

I've been pressing the issue with my hosting company and they've told me that my only options is to go to VPS. This seems ridiculous to me.

Any thoughts on this?

This is the response I just got from my hosting company. (LiquidWeb)

I have whitelisted:

/forum/forums/backpacking.20/create-thread/preview

rule id 300068.

Let me explain further. Because this is a shared server, if I were to
whitelist:

/forum/*

rule id 300068

to exclude that specific rule id for everything living in /forum, this would
apply to not just your account, but every account on the server, thus
compromising the security of other customers, and the security of the shared
server in question. This I cannot do. Per my previous response, all I can do
is to whitelist specific URIs paired with specific rule id exceptions, like
so:

/forum/forums/backpacking.20/create-thread/preview

rule id 300068.

I realize this can be a pain. You may want to look at moving to a VPS, where
we could have solved this mod_sec issue nearly instantly, because of course,
the entire server is yours, and your security concerns and the server's
security concerns jibe.

Please let me know if you have further concerns or questions, thanks!

 

[Jake Bunce]

Sounds like an overzealous rule set. What is it about the request that the server doesn't like? If they can identify and remove the offending rule then that will fix the problem.

I have seen some servers that block requests containing specific words. It's weird.

 

[ibenick]

I'm not sure what it doesn't like, it's always just some variation of this type of error:



At first it wouldn't let me link to images in my site root. Then it wouldn't let me use ad links that involved redirects. Now it usually happens when I try to edit or preview a post.

Sounds like I need to start searching for another new hosting company then?

 

[ibenick]

Not sure if this helps but the problems seem to increase when I turned on full friendly URLs.