Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : Mod_Security Interference

[anne202b]

Hopefully I'm in the right forum...

Here's a brief description of my problem:

My host has modified the mod_security rules. (I am an almost complete 'dummy' when it comes to technical details regarding programming, etc. for my site. It's a CubeCart store.)

Since my host changed the rules, my banner has disappeared. They disabled mod_security and the banner returned, however, they then advised me I would be vulnerable to attacks, hackers, etc. Therefore, I had them re-enable it...again, no banner.

What can I do? (in simple terms) What is causing the interference? They say it's either enable or not; no modifications. The creator of my site's template won't help as he's no longer commercial. I'm at a loss, especially since I need simple instructions.

I would truly appreciate any help. Thanks.

A~

[net]

Moved > Hosting Security and Technology.

[anne202b]

Thanks, Net. Sorry 'bout that.

http://cactusandcoyote.com

Thought I should put my site on here for any reference you may need.

[Patrick]

Tell them to determine what mod_security rule your website is tripping and disable that single rule. Chances are if it's affecting you, it's probably affecting someone else. A lot of times, people download mod_security rule sets that are overly aggressive in a shared hosting environment and it's necessary to disable some of them. There's no need to disable mod_security entirely...

Edit:

I looked at your website, based on a few quick tests it seems like they block anything that contains images and .php in the same URL. For example these URL's will not work:

http://cactusandcoyote.com/images/test.php
http://www.cactusandcoyote.com/store/images/test.php

However, if you rename the .php to something like .jpg then it will load OK if the file existed:

http://cactusandcoyote.com/images/test.jpg
http://www.cactusandcoyote.com/store/images/test.jpg

Seems like a very silly mod_security rule... another option would be to edit your CubeCart theme and instead of using /store/images/geLogo.php to bring up your logo, have it open the image file directly. If that makes sense.

[anne202b]

Wow, Patrick, thanks!

What you wrote makes sense (kind of), I just don't know how to make the changes. I used to have the designer to fall back on for help, but if I mess up now.....

How/where do I change the .php files to .jpg? And based on that, would it be better if I contacted my host and pushed the subject of modifying the mod_security?

[Patrick]

I'm not 100% sure on how to change the logo in CubeCart. When you log into your administrative panel and go to Store Config (or Store Settings) there should be a logo option there. Do you see one and if so, what is it currently set to?

From what I can tell your store is set to use this as the logo:

images/getLogo.php?skin=BlueVibranceCC4

You want to change it to the image file directly:

skins/BlueVibranceCC4/styleImages/logo/Logo.png

I would also mention it to your host, that they are blocking images+php files from being opened. I understand why it's there, often times people will maliciously upload files into the images directory ... but it's most likely going to break other users software in the process. It's sometimes difficult to balance security + usability in a shared hosting environment.

[SafeSrv]

Looks like they have rules configured so that certain directories that will most likely not have php files within will be blocked.

[anne202b]

Fixed! I changed the /getLogo.php to logo/Logo.png. Yay!!!!!!

I will be letting my host know the other issue you brought up. Very strange. Are you 'not' seeing certain images on your computer?

Thanks, Patrick!!