Skip to main content


 

Friendica und Mod_Security unter Centos 7


Ich habe den Verdacht #Friendica und Modsec wird hartes Brot! :)

--74a15b7a-A--
[02/Jul/2017:01:14:56 +0200] WVgs8EK0gq3AOuviD7RvDAAAAMM 172.16.251.252 35098 109.230.227.244 443
--74a15b7a-B--
GET /favicon.ico HTTP/1.1
Host: friendica.ladies.community
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de-DE,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate, br
Cookie: Friendica=%7B%22uid%22%3A%221%22%2C%22hash%22%3A%2241223506d759b9c4ba21a62462a1d419d8af39665c08c01540cf463373066b30%22%2C%22ip%22%3A%22172.16.251.252%22%7D; PHPSESSID=6ojs90qj4md1phsrp3s92jgf51
Connection: keep-alive

--74a15b7a-F--
HTTP/1.1 403 Forbidden
Content-Length: 213
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

--74a15b7a-E--

--74a15b7a-H--
Message: Access denied with code 403 (phase 2). Pattern match "([\\~\\!\\@\\#\\$\\%\\^\\&\\*\\(\\)\\-\\+\\=\\{\\}\\[\\]\\|\\:\\;\"\\'\\\xc2\xb4\\\xe2\x80\x99\\\xe2\x80\x98\\`\\<\\>].*?){8,}" at REQUEST_COOKIES:Friendica. [file "/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "157"] [id "981172"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: \x22 found within REQUEST_COOKIES:Friendica: {\x22uid\x22:\x221\x22,\x22hash\x22:\x2241223506d759b9c4ba21a62462a1d419d8af39665c08c01540cf463373066b30\x22,\x22ip\x22:\x22172.16.251.252\x22}"] [ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"]
Action: Intercepted (phase 2)
Stopwatch: 1498950896397722 1509 (- - -)
Stopwatch2: 1498950896397722 1509; combined=936, p1=103, p2=805, p3=0, p4=0, p5=28, sr=28, sw=0, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.7.3 (http://www.modsecurity.org/); OWASP_CRS/2.2.9.
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips
Engine-Mode: "ENABLED"

--74a15b7a-Z--

Bild/Foto
#friendica Centos Linux Friendica Mod_Security Centos Linux Friendica Mod_Security
Dieser Beitrag wurde bearbeitet. (2 Jahre her)