
Issue Problem with web application firewall - file extension is restricted by policy

Ras Alghul

New Pleskian
Server operating system version
Plesk Obsidian v18.0.58_build1800240123.15 os_Ubuntu 22.04
Plesk version and microupdate number
Plesk Obsidian v18.0.58_build1800240123.15 os_Ubuntu 22.04
Hi,

We are experiencing an issue with one of our customers, unique to their case.

They encounter difficulties accessing our Nextcloud installation when the Web Application Firewall is enabled. This user, who operates on both Mac and iPhone, faces constant rejections. This issue persists whether they use the Nextcloud app or the desktop application, and even attempts to connect via an HTTPS browser result in rejection.

Upon reviewing the log files, this problem's cause remains unclear. It's particularly puzzling as other Apple Mac users do not encounter these issues.

Could you help us understand why this is happening and why it's isolated to this specific user?

Code:
--f7d4e022-H--
Message: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||customer.domain.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"]
Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 80.187.80.166] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/modsecurity.d/rules/comodo_free/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||customer.domain.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "customer.domain.com"] [uri "/remote.php/dav/files/[email protected]"] [unique_id "ZcCchXhdkYMpOqMcyyQ3eQAAAI4"]
Action: Intercepted (phase 2)
Apache-Handler: proxy:unix:/var/www/vhosts/system/customer.domain.com/php-fpm.sock|fcgi://127.0.0.1:9000
Stopwatch: 1707121797791133 788374 (- - -)
Stopwatch2: 1707121797791133 788374; combined=1391, p1=556, p2=705, p3=0, p4=0, p5=129, sr=142, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.9.7 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"

I'm struggling to understand the issue related to the file extension.

Interestingly, when the Application Firewall is disabled, this particular user does not experience any problems. This further complicates our understanding of the issue.


 
The request offends rule no. 210730. You can add rule no. 210730 to the lists of exceptions in the "Web Application Firewall" icon of the domain. Store the new configuration, then try again.
 
Wow, thank you very much. I added the exception and am now waiting to hear what my customer experiences after this.
I researched that rule, but even with ChatGPT 4 I didn't understand it well. But let's not go too deep into the rabbit hole :)
 
uri "/remote.php/dav/files/[email protected]

This is the problem. WAF thinks you are trying to access a file with a .com extension.

.com is an old executable extension, but such files are still used. On Windows 10 there are still a few .com files in c:\windows\system32: format.com, tree.com, chcp.com, etc.


regards
Jan
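
The diagnosis above (rule 210730 firing because the last path segment of the WebDAV URI is an e-mail-style user name ending in .com), as an added triage example that is not part of the original thread: it parses ModSecurity error lines and separates hits where the flagged "extension" is the tail of an e-mail-like path segment from hits on file-like names. The sample log lines, host names, user names and the second rule id are constructed, and the e-mail pattern is a simple heuristic.

```python
import re

# Constructed sample lines shaped like the Apache-Error line in the thread.
# Host names, user names, paths and the rule id 999999 are made up.
SAMPLE_LOG = [
    'ModSecurity: Access denied with code 403 (phase 2). [id "210730"] '
    '[data ".com"] [hostname "cloud.example.org"] '
    '[uri "/remote.php/dav/files/alice@example.com"]',
    'ModSecurity: Access denied with code 403 (phase 2). [id "210730"] '
    '[data ".com"] [hostname "cloud.example.org"] [uri "/uploads/tool.com"]',
    'ModSecurity: Warning. [id "999999"] [data "x"] '
    '[hostname "cloud.example.org"] [uri "/index.php"]',
]

# Matches the quoted [key "value"] pairs; unquoted ones ([line 275]) are skipped.
FIELD = re.compile(r'\[(\w+) "([^"]*)"\]')
# Heuristic (assumption): a path segment of the form local@domain.tld
EMAIL_SEGMENT = re.compile(r'^[^/@\s]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$')

def parse_fields(line):
    """Collect the [key "value"] pairs of a ModSecurity message line."""
    return dict(FIELD.findall(line))

def triage(line, rule_id="210730"):
    """Classify one hit of the extension rule; return None for other rules."""
    fields = parse_fields(line)
    if fields.get("id") != rule_id:
        return None
    uri = fields.get("uri", "")
    # Last path segment, ignoring any query string and trailing slash.
    segment = uri.split("?", 1)[0].rstrip("/").rsplit("/", 1)[-1]
    ext = fields.get("data", "").lower()
    email_like = bool(ext and EMAIL_SEGMENT.match(segment)
                      and segment.lower().endswith(ext))
    verdict = "email-like path segment" if email_like else "file-like name"
    return {"uri": uri, "extension": ext, "verdict": verdict}

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        result = triage(entry)
        if result:
            print(f'{result["verdict"]:<24} {result["extension"]:<6} {result["uri"]}')
```

Run over the domain's ModSecurity log, this shows whether an exception for rule 210730 would only cover user-name paths or would also stop blocking requests for real .com files.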
 