hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : Mod_Security Interference
Reply

Forum Jump

Mod_Security Interference

Reply Post New Thread In Hosting Security and Technology Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 12-03-2011, 09:59 AM
anne202b anne202b is offline
Junior Guru Wannabe
 
Join Date: Jun 2009
Posts: 62
Exclamation

Mod_Security Interference


Hopefully I'm in the right forum...

Here's a brief description of my problem:

My host has modified the mod_security rules. (I am an almost complete 'dummy' when it comes to technical details regarding programming, etc. for my site. It's a CubeCart store.)

Since my host changed the rules, my banner has disappeared. They disabled mod_security and the banner returned, however, they then advised me I would be vulnerable to attacks, hackers, etc. Therefore, I had them re-enable it...again, no banner.

What can I do? (in simple terms) What is causing the interference? They say it's either enable or not; no modifications. The creator of my site's template won't help as he's no longer commercial. I'm at a loss, especially since I need simple instructions.

I would truly appreciate any help. Thanks.

A~



Sponsored Links
  #2  
Old 12-03-2011, 10:01 AM
net net is offline
Community Liaison
 
Join Date: Mar 2003
Posts: 10,845
Moved > Hosting Security and Technology.

__________________
JoneSolutions.Com + SSS = Your Number One Choice On The Net - since 2001

You are most welcome to email me at sales @ jonesolutions.com .

  #3  
Old 12-03-2011, 10:04 AM
anne202b anne202b is offline
Junior Guru Wannabe
 
Join Date: Jun 2009
Posts: 62
Thanks, Net. Sorry 'bout that.

http://cactusandcoyote.com

Thought I should put my site on here for any reference you may need.

Sponsored Links
  #4  
Old 12-03-2011, 10:24 AM
Patrick Patrick is offline
Security Ninja
 
Join Date: Mar 2003
Location: Canada
Posts: 8,606
Tell them to determine what mod_security rule your website is tripping and disable that single rule. Chances are if it's affecting you, it's probably affecting someone else. A lot of times, people download mod_security rule sets that are overly aggressive in a shared hosting environment and it's necessary to disable some of them. There's no need to disable mod_security entirely...

Edit:

I looked at your website, based on a few quick tests it seems like they block anything that contains images and .php in the same URL. For example these URL's will not work:

http://cactusandcoyote.com/images/test.php
http://www.cactusandcoyote.com/store/images/test.php

However, if you rename the .php to something like .jpg then it will load OK if the file existed:

http://cactusandcoyote.com/images/test.jpg
http://www.cactusandcoyote.com/store/images/test.jpg

Seems like a very silly mod_security rule... another option would be to edit your CubeCart theme and instead of using /store/images/geLogo.php to bring up your logo, have it open the image file directly. If that makes sense.

__________________
Patrick William | Rack911 Research Labs | Software Security Auditing
250+ Vulnerabilities Found - Get a quote on a professional audit @ Rack911.com

www.HostingSecList.com - Security notices for the hosting community.


Last edited by Patrick; 12-03-2011 at 10:31 AM.
  #5  
Old 12-03-2011, 10:53 AM
anne202b anne202b is offline
Junior Guru Wannabe
 
Join Date: Jun 2009
Posts: 62
Wow, Patrick, thanks!

What you wrote makes sense (kind of), I just don't know how to make the changes. I used to have the designer to fall back on for help, but if I mess up now.....

How/where do I change the .php files to .jpg? And based on that, would it be better if I contacted my host and pushed the subject of modifying the mod_security?

  #6  
Old 12-03-2011, 11:27 AM
Patrick Patrick is offline
Security Ninja
 
Join Date: Mar 2003
Location: Canada
Posts: 8,606
I'm not 100% sure on how to change the logo in CubeCart. When you log into your administrative panel and go to Store Config (or Store Settings) there should be a logo option there. Do you see one and if so, what is it currently set to?

From what I can tell your store is set to use this as the logo:

images/getLogo.php?skin=BlueVibranceCC4

You want to change it to the image file directly:

skins/BlueVibranceCC4/styleImages/logo/Logo.png

I would also mention it to your host, that they are blocking images+php files from being opened. I understand why it's there, often times people will maliciously upload files into the images directory ... but it's most likely going to break other users software in the process. It's sometimes difficult to balance security + usability in a shared hosting environment.

  #7  
Old 12-03-2011, 12:54 PM
SafeSrv SafeSrv is offline
Junior Guru
 
Join Date: Apr 2008
Location: UK
Posts: 235
Looks like they have rules configured so that certain directories that will most likely not have php files within will be blocked.

__________________
SafeSrv.net - Secure Hosting, VPN and Management Services.
WHMCS FreeRADIUS VPN Module. - Build a fully featured VPN business in no time.

  #8  
Old 12-03-2011, 01:00 PM
anne202b anne202b is offline
Junior Guru Wannabe
 
Join Date: Jun 2009
Posts: 62
Fixed! I changed the /getLogo.php to logo/Logo.png. Yay!!!!!!

I will be letting my host know the other issue you brought up. Very strange. Are you 'not' seeing certain images on your computer?

Thanks, Patrick!!

Reply

Similar Threads
Thread Thread Starter Forum Replies Last Post
Mod_security 1.x to mod_security 2.x rule conversion service needed! bloodyman Systems Management Requests 1 11-08-2011 09:37 PM
When bots attack (a catch 22...) mod_security vs. no mod_security BTCentral - Ron Hosting Security and Technology 12 04-12-2010 11:32 AM
Cell Phone interference atechstl Web Hosting Lounge 0 10-27-2008 06:12 PM
more government interference Project X Web Hosting Lounge 3 12-16-2006 07:52 AM
Wireless headphones and interference? RDX1 Web Hosting Lounge 0 03-09-2004 02:53 AM

Related posts from TheWhir.com
Title Type Date Posted
Trustwave Acquires Data Security Provider Application Security Inc. Web Hosting News 2013-11-11 12:49:52
Sophos Launches Cloud-Based Managed Security Service Web Hosting News 2013-10-29 17:53:59
WHMCS Security Issue Allows for Information Disclosure Web Hosting News 2013-10-25 09:30:46
Secure128 Launches IT Security Services, Names VP of IT Security Sales Web Hosting News 2012-07-13 12:51:15
Half of UK Firms Failing to Heed Security Breach Warnings, says Bunker Study Web Hosting News 2012-06-13 14:47:51


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?