HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


manarak 20th May 2009 00:44

Ajax requests failed in Server Config
 
Whenever I click on "web" or "Jailkit" in server config, I get the error message "ajax request failed".

Why is that?

till 20th May 2009 09:59

I'm not able to reproduce that on my systems. Take a look in the Apache logfile to see if there are any errors.

manarak 20th May 2009 10:30

You were right to point me in that direction - it appears mod_security is blocking the requests.

manarak 20th May 2009 10:39

mod_security says "remote file access attempt", severity "critical", tag "web attack/file injection", data "/etc/"

Now that's scary enough, and I am happy that mod_security blocks that type of request. Or should it?

What is the proper way?
- ISPC3 code to be modified not to trigger any mod_security alerts (currently I do not know if the ajax functions in ISPC are a potential vulnerability?)
or
- modify mod_security rules to allow these requests from the ISPC panel.

till 20th May 2009 10:43

Quote:

Now that's scary enough, and I am happy that mod_security blocks that type of request. Or should it?

No, it should not, as it is not an injection attack.

That's a false positive in the mod_security rules. A control panel must be able to send a POST request that contains the name of a system path like /etc/, otherwise you would not be able to administer the server. And this has nothing to do with the ajax functions in ISPConfig.

manarak 20th May 2009 11:05

The false positive is caused by rule file crs_40 line 114, id 950005

Is someone knowledgeable enough in mod_security rules to tell the forum how to authorize ISPConfig and only ISPConfig to perform such requests on the server?

Thanks!
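
One way to scope the exception asked about above, shown as an added example that is not part of the original thread or of ISPConfig's own configuration. It assumes ModSecurity 2.x, that the panel runs in its own virtual host on port 8080, and that the blocked form is /admin/server_config_edit.php; all three are assumptions to be checked against the audit log entry for id 950005.

```apache
# Added example. Assumed values: the port 8080 panel vhost and the
# /admin/server_config_edit.php path. Replace both with the host and URI
# recorded in the mod_security audit log entry for rule 950005.

# Too broad: at server level this switches the rule off for every site
# on the machine, including customer websites.
#SecRuleRemoveById 950005

# Scoped: only the panel vhost, only the form that posts system paths.
<VirtualHost _default_:8080>
    # ... existing ISPConfig vhost directives stay as they are ...

    <IfModule mod_security2.c>
        <Location "/admin/server_config_edit.php">
            # Must be read after the Include that loads the CRS rule
            # files, otherwise rule 950005 does not exist yet.
            SecRuleRemoveById 950005
        </Location>
    </IfModule>
</VirtualHost>
```

With this in place, every other rule still applies to that URL, and rule 950005 still applies everywhere else on the server.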


All times are GMT +2.