
Mod_security and bad request problem

Discussion in 'Plesk for Linux - 8.x and Older' started by defcode, Feb 11, 2008.

  1. defcode

    defcode Guest

    Hello,

    We recently built a new server using CentOS 5 and Plesk 8.3. Everything went well during setup except for the following things we discovered after migrating some domains:

    1. Even though mod_security2 is installed, we can't use "SecRuleEngine Off" in an .htaccess file to disable it on certain domains. Does anyone know where we can enable this directive? (It returns a 500 internal error if we try at the moment.)

    2. We have some big problems using accents (éàè...) and special characters ({(/%*...) in URLs or in POST and GET requests on some web pages on different domains that were not having such problems on the old Plesk 8.1 server. Is there some kind of Apache module that should change those special characters in the URL? For example, ( should be changed to %28.

    Sorry for my bad English.

    Any help on this would be really appreciated.

    defcode
     
  2. lvalics

    lvalics Silver Pleskian Plesk Guru

    Joined: Jun 20, 2003 | Messages: 965 | Likes Received: 32 | Location: Romania

    1. As far as I know, you cannot set up the rules in .htaccess.
    2. Try adding to vhost.conf the rule that you need to ignore. Example:
    SecRuleRemoveById "340144"
     
  3. defcode

    Hello,

    Thanks for the answer, but it's kinda strange since we were able to do this by adding "SecFilterEngine Off" in an .htaccess file with the old mod_security. The only thing I found is that it should be "SecRuleEngine Off" now in version 2, but with either of them I get this 500 internal error, as if the directive were unknown or mistyped.

    Thanks also for the idea of removing it with this line in vhost.conf, but that solution will need our intervention each time for each domain, and until now SecFilterEngine Off was really helpful for that reason.

    Regards

    defcode
     
  4. lvalics

    I tried one time and I got that it is not supported, maybe I am wrong (I hope :))
     
  5. atomicturtle

    atomicturtle Golden Pleskian

    Joined: Nov 20, 2002 | Messages: 2,110 | Likes Received: 7 | Location: Washington, DC

    I believe that manipulation of the security policy via .htaccess files is no longer allowed.
     
  6. defcode

    Thanks, I guess we'll have to remove some of the rules then.

    For the special characters, do any of you have an idea?
     
  7. atomicturtle

    If I had the full alert file, yeah. We support mod_security in ASL.
     
  8. defcode

    I decided to temporarily remove mod_security to check all those problems, and yep, everything works fine after switching mod_security off. Now I need to figure out which rules are causing all those problems. A better look at the log files will probably do it.
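
One way to do the log review mentioned above and end up with per-domain `SecRuleRemoveById` lines for vhost.conf instead of switching the engine off. This is an added example, not part of the original posts; it assumes alerts appear in the Apache error log with the `[id "..."]`, `[hostname "..."]` and `[uri "..."]` fields, and the sample lines, hostnames, rule id 999001 and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the ModSecurity 2.x Apache error_log style.
# Rule id 340144 is the one quoted in the thread; 999001 is a made-up id.
SAMPLE_LOG = '''\
[Mon Feb 11 10:12:01 2008] [error] [client 192.0.2.10] ModSecurity: Access denied with code 403 (phase 2). Pattern match at ARGS:q. [id "340144"] [msg "constructed"] [hostname "www.example.com"] [uri "/search.php"]
[Mon Feb 11 10:12:09 2008] [error] [client 192.0.2.11] ModSecurity: Access denied with code 403 (phase 2). Pattern match at ARGS:name. [id "340144"] [msg "constructed"] [hostname "www.example.com"] [uri "/contact.php"]
[Mon Feb 11 10:13:40 2008] [error] [client 192.0.2.10] ModSecurity: Access denied with code 403 (phase 2). Pattern match at REQUEST_URI. [id "999001"] [msg "constructed"] [hostname "www.example.com"] [uri "/search.php"]
[Mon Feb 11 10:14:02 2008] [error] [client 192.0.2.12] ModSecurity: Access denied with code 403 (phase 2). Pattern match at ARGS:item. [id "340144"] [msg "constructed"] [hostname "shop.example.net"] [uri "/cart.php"]
[Mon Feb 11 10:14:30 2008] [error] [client 192.0.2.12] File does not exist: /var/www/vhosts/shop.example.net/httpdocs/favicon.ico
'''

FIELD = re.compile(r'\[(id|hostname|uri) "([^"]*)"\]')

def tally_rules(log_text):
    """Map hostname -> rule id -> list of URIs on which that rule fired."""
    hits = defaultdict(lambda: defaultdict(list))
    for line in log_text.splitlines():
        if "ModSecurity:" not in line:
            continue  # ordinary Apache error, not a rule alert
        fields = dict(FIELD.findall(line))
        if "id" in fields and "hostname" in fields:
            hits[fields["hostname"]][fields["id"]].append(fields.get("uri", "?"))
    return hits

def report(hits):
    """Rows of (host, rule id, hit count, distinct URIs), noisiest rule first per host."""
    rows = []
    for host in sorted(hits):
        for rid, uris in sorted(hits[host].items(), key=lambda kv: -len(kv[1])):
            rows.append((host, rid, len(uris), sorted(set(uris))))
    return rows

def vhost_conf(hits, host, reviewed_ids):
    """Emit exclusions only for ids that fired on this host AND were reviewed by hand."""
    ids = [rid for rid in sorted(hits.get(host, {})) if rid in reviewed_ids]
    return "\n".join('SecRuleRemoveById "%s"' % rid for rid in ids)

if __name__ == "__main__":
    hits = tally_rules(SAMPLE_LOG)
    for row in report(hits):
        print(row)
    print(vhost_conf(hits, "www.example.com", {"340144"}))
```

The `reviewed_ids` argument keeps the exclusion list limited to rules someone has confirmed as false positives for that domain, so every other rule stays active there.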
     
  9. lvalics

    It is very risky; I think I get an attempt about every 1 minute on our servers, and mod_security stops it.
     