Upgrade to 1.1.5 - 403 error access forbidden #2060
Comments
Browser test with multiple (Firefox, Chrome, Edge). Changing back to version 1.14 in the index file works.

```
Tue Feb 02 09:56:52.773125 2021] [:error] [pid 15441:tid 139720428046080] [client 10.2.1.75:3835] [client 10.2.1.75] ModSecurity: Access denied with code 403 (phase 4). Pattern match "(?i:<[\\t\\n\\r ]{0,}IFRAME[\\t\\n\\r ]{0,}?[^>]{0,}?src=\\x22javascript:)" at RESPONSE_BODY. [file "/usr/local/cwaf/rules/19_Outgoing_FilterInFrame.conf"] [line "21"] [id "214550"] [rev "1"] [msg "COMODO WAF: Malicious iframe+javascript tag in output||mydomain.com|F|3"] [data "Matched Data: <iframe src=\x22javascript: found within RESPONSE_BODY: <html class=\x22no-js rl-booted-trigger rl-started-trigger glass\x22 dir=\x22ltr\x22><meta http-equiv=\x22X-UA-Compatible\x22 content=\x22IE=edge,chrome=1\x22/><meta name=\x22viewport\x22 content=..."] [severity "ERROR"] [tag "CWAF"] [tag "FilterInFrame"] [hostname "mydomain.com"] [uri "/imail/index.php"] [unique_id "YBmEVOBEl8x1sNqhch0L1AAAFB8"]
[Tue Feb 02 09:56:52.773463 2021] [:error] [pid 15441:tid 139718817728256] [client 10.2.1.75:3835] [client 10.2.1.75] ModSecurity: Warning. Operator GE matched 4 at TX:outgoing_points. [file "/usr/local/cwaf/rules/20_Outgoing_FiltersEnd.conf"] [line "38"] [id "214940"] [rev "2"] [msg "COMODO WAF: Outbound Points Exceeded| Total Points: 4|mydomain.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "mydomain.com"] [uri "/imail/index.php"] [unique_id "YBmEVOBEl8x1sNqhch0L1AAAFB8"]
```
@sukhbirgs does that mean that you have seen the same issue as me?
Looks like it.
Disabling ModSecurity allows the update (via WebUI or manually). So there seem to be some issues that need solving.
I have the same issue. Additional info: when I add the index.php to the URL, RainLoop works (a little).
Same problem over here, also happens with a completely new install on a different domain.
The problem comes from the "FilterInFrame" rule (ModSecurity). By disabling the rule, everything works.
@Alinthda64 Please can you explain how I can do it? I didn't know where to find it. Thanks.
@ghoeppener I have a graphical interface provided by Plesk, I don't know how to do it otherwise.
I use Plesk too and I found it in the Web Application Firewall. Now it works. Thanks.
Disabling the "COMODO WAF: Malicious iframe+javascript tag in output" rule, rule ID 214550, did the trick. I guess it's the same rule mentioned above. To disable it, if you have access to the GUI, navigate to the "Catalog" tab and filter by [Item ID]: 214550.
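For sites that edit the ModSecurity configuration directly rather than through a panel, the sketch below (an added example, not part of this thread or of RainLoop) parses error-log entries like the ones quoted above, keeps only the entries that actually denied the response, and prints a path-scoped `SecRuleRemoveById` exclusion instead of a server-wide disable. The function names and the abridged sample log are constructed for illustration; it assumes Apache with ModSecurity 2.x and that the generated snippet is loaded after the CWAF rule files.

```python
import re
from collections import defaultdict

# Constructed sample: the two entries quoted in this thread, with the
# [data ...] field abridged.
SAMPLE_LOG = r'''[Tue Feb 02 09:56:52.773125 2021] [:error] [pid 15441:tid 139720428046080] [client 10.2.1.75:3835] [client 10.2.1.75] ModSecurity: Access denied with code 403 (phase 4). Pattern match "(?i:<[\\t\\n\\r ]{0,}IFRAME[\\t\\n\\r ]{0,}?[^>]{0,}?src=\\x22javascript:)" at RESPONSE_BODY. [file "/usr/local/cwaf/rules/19_Outgoing_FilterInFrame.conf"] [line "21"] [id "214550"] [rev "1"] [msg "COMODO WAF: Malicious iframe+javascript tag in output||mydomain.com|F|3"] [data "Matched Data: <iframe src=\x22javascript: found within RESPONSE_BODY: <html class=\x22no-js..."] [severity "ERROR"] [tag "CWAF"] [tag "FilterInFrame"] [hostname "mydomain.com"] [uri "/imail/index.php"] [unique_id "YBmEVOBEl8x1sNqhch0L1AAAFB8"]
[Tue Feb 02 09:56:52.773463 2021] [:error] [pid 15441:tid 139718817728256] [client 10.2.1.75:3835] [client 10.2.1.75] ModSecurity: Warning. Operator GE matched 4 at TX:outgoing_points. [file "/usr/local/cwaf/rules/20_Outgoing_FiltersEnd.conf"] [line "38"] [id "214940"] [rev "2"] [msg "COMODO WAF: Outbound Points Exceeded| Total Points: 4|mydomain.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "mydomain.com"] [uri "/imail/index.php"] [unique_id "YBmEVOBEl8x1sNqhch0L1AAAFB8"]
'''

# [key "value"] metadata pairs; the value may contain backslash escapes such as \x22.
FIELD = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')
ACTION = re.compile(r'ModSecurity: (Access denied with code (\d+) \(phase (\d)\)|Warning)')

def parse_entry(line):
    """Return the triage-relevant fields of one ModSecurity log line, or None."""
    m = ACTION.search(line)
    if not m:
        return None
    fields = dict(FIELD.findall(line))
    return {"blocked": m.group(2) is not None, "status": m.group(2),
            "phase": m.group(3), "id": fields.get("id"),
            "msg": fields.get("msg"), "uri": fields.get("uri")}

def blocking_rules(log_text):
    """Count (uri, rule id) pairs for entries that denied the response.
    Score-summary warnings such as 214940 are skipped: they are a
    consequence of the match, not the rule that needs an exclusion."""
    hits = defaultdict(int)
    for line in log_text.splitlines():
        entry = parse_entry(line)
        if entry and entry["blocked"]:
            hits[(entry["uri"], entry["id"])] += 1
    return dict(hits)

def scoped_exclusion(uri, rule_id):
    """Build an Apache snippet removing one rule for the app's directory only."""
    prefix = uri.rsplit("/", 1)[0] + "/"
    return (f'<LocationMatch "^{re.escape(prefix)}">\n'
            f'    SecRuleRemoveById {rule_id}\n'
            f'</LocationMatch>')

if __name__ == "__main__":
    for (uri, rule_id), count in blocking_rules(SAMPLE_LOG).items():
        print(f"# rule {rule_id} denied {count} response(s) for {uri}")
        print(scoped_exclusion(uri, rule_id))
```

Scoping the exclusion to the webmail path keeps rule 214550 active for every other application on the host.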
RainLoop version, browser, OS:
upgrade to version 1.15 from working 1.14
Expected behavior and actual behavior:
Expected behaviour - "To upgrade the installation, you simply need to upload files from the new package overwriting existing files. Directory structure is organized to have each new version installed to a different directory. Only a few files will be actually overwritten (/index.php and /data/VERSION).
All the additional reconfiguration will be done by the product on next run."
Actual behaviour is 403 error access forbidden
Fresh install is same behaviour