1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

xf Proxy Function triggers Mod_security

Discussion in 'Server Configuration and Hosting' started by Spiker400, Oct 17, 2015.

  1. Spiker400

    Spiker400 Member

    I have a Problem while using the internal xf Proxy function for links and Pictures.
    Everytime the Server blocks it - but i'm not realy sure to disable mod_sec rule for this, does has anyone a idea for this ?

    [Sat Oct 17 21:45:09.755975 2015] [:error] [pid 18726] [Client xxx.xxx.xxx.xxx] ModSecurity: Access denied with code 403 (phase 2). Pattern match "=(?:eek:gg|gopher|data|php|zlib|(?:ht|f)tps?)://" at REQUEST_URI. [file "/usr/local/apache/conf/modsec_rules/10_asl_rules.conf"] [line "511"] [id "340165"] [rev "284"] [msg "Atomicorp.com WAF Rules: Uniencoded possible Remote File Injection attempt in URI (AE)"] [data "/proxy.php?preview=http://www.google.de&hash=0sdfw4wer23r23r2scd"] [severity "CRITICAL"] [hostname "www2.xxxxxxxx.com"] [uri "/proxy.php"] [unique_id "ViKlRdXlYQcAAEWuMABE"]
  2. HWS

    HWS Well-Known Member

    This is to be expected with unmodified mod_security rules. Just exempt (whitelist) "proxy.php" from all rules and it will work. You also can disable mod_security completely, because XF has no security holes.
    Last edited: Oct 18, 2015

Share This Page