• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Mod_Security + Joomla

S

Stefan Becker

Basic Pleskian
Hi,

my friends couldn't write new article about the Joomla Frontend, if i activate the mod_security option. If i select onyl detection, it's work. I would like to make an exclusion for this problem, but i can't find the id.

Here are the log:
Code: 
--325f4e64-A--
[31/Aug/2014:18:52:11 +0200] VANSjX8AAQEAADTMCIcAAABB 80.145.197.194 59664 85.10.210.154 7080
--325f4e64-B--
POST /neuer-beitrag?a_id=0 HTTP/1.0
Host: www.psv-re.de
X-Real-IP: 80.145.197.194
X-Forwarded-For: 80.145.197.194
X-Accel-Internal: /internal-nginx-static-location
Connection: close
Content-Length: 391
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: http://www.psv-re.de/neuer-beitrag
Cookie: _ga=GA1.2.697755985.1407180699; 8230498a5bc920feb21419b50567be09=319o5ehv1u4lhuvv6k469qntj1; 41b8c8bb2213e3dd202e53316df7f77b=oek7hbc6j057ksb9ljssmb2754
Content-Type: application/x-www-form-urlencoded

--325f4e64-F--
HTTP/1.1 500 Internal Server Error
Last-Modified: Wed, 11 Apr 2012 09:03:06 GMT
ETag: "2c2998-4e9-4bd6381ec4680"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 687
Connection: close
Content-Type: text/html

--325f4e64-H--
Apache-Error: [file "fcgid_proc_unix.c"] [line 604] [level 4] mod_fcgid: read data timeout in 45 seconds, referer: http://www.psv-re.de/neuer-beitrag
Apache-Error: [file "util_script.c"] [line 435] [level 19] Premature end of script headers: index.php, referer: http://www.psv-re.de/neuer-beitrag
Stopwatch: 1409503885994466 45051830 (- - -)
Stopwatch2: 1409503885994466 45051830; combined=1352, p1=1, p2=1344, p3=0, p4=0, p5=6, sr=0, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.8.0 (http://www.modsecurity.org/); 201408291559.
Server: Apache
Engine-Mode: "ENABLED"

Can anyone help me?

Stefan
 
When I was testing mod_security, I found the ID's were logged in the domains error.log rather than the mod_security logs.

Hope it helps

Kind regards

Lloyd

EDIT OS Ubuntu 12.04
 
Hi Stefan Becker,

It seems that it is performance related error:
Apache-Error: [file "fcgid_proc_unix.c"] [line 604] [level 4] mod_fcgid: read data timeout in 45 seconds, referer: http://www.psv-re.de/neuer-beitrag
You can try to do

1) increase server resources if it is possible (VPS): memory and CPU

2) use another ModSecurity ruleset: Comodo, as example
3) change "Predefined set of values" for ModSecurity to "Fast":
modSecurity-performance.jpg
 
You must log in or register to reply here.

Similar threads

D
Resolved rel="canonical" response header is lost between Apache and Nginx proxy
Replies
6
Views
1K
Deleted member 209767
D
S
Resolved FORBIDDEN ACCESS
Replies
2
Views
2K
soliu
S
P
Question Plesk RESTful API. Database <---> Site
Replies
2
Views
2K
pvl
P
Azurel
Issue ModSecurity: Issue with Comodo rules set?
Replies
1
Views
2K
Azurel
Azurel
Ming
Issue Passenger issue - boost::thread_resource_error: Resource temporarily unavailable
Replies
12
Views
3K
Ming
Ming
Back
Top