Ajax requests failed in Server Config

Discussion in 'Installation/Configuration' started by manarak, May 20, 2009.

  1. manarak

    manarak New Member

    whenever I click on "web" or "Jailkit" in server config, I get the error message "ajax request failed".

    why is that?
     
  2. till

    till Super Moderator

    I'am not able to reproduce that on my systems. Take a look in the apache logile if there are any errors.
     
  3. manarak

    manarak New Member

    you were right to point me in that direction - it appears mod_security is blocking the requests.
     
  4. manarak

    manarak New Member

    mod_security says "remote file access attempt", severity "critical", tag "web attack/file injection" data "/etc/"

    now that's scary enough and I am happy that mod_security blocks that type of request. or should it?


    what is the proper way?
    - ISPC3 code to be modified not to trigger any modsecurity alerts (currently I do not know if the ajax functions in ISPC are a potential vulnerability?)
    or
    - modify mod_security rules to allow these requests from ISPC panel.
     
  5. till

    till Super Moderator

    No, it should not as it is not a injection attack.

    Thats a false positive in mod security rules. A controlpanel mus be able to send a post request that contains the name of a system path like /etc/, otherwise you would not be able to administer the server. And this has nothing to do with the ajax functions in ispconfig.
     
  6. manarak

    manarak New Member

    the false positive is caused by rule file crs_40 line 114, id 950005

    Is someone knowledgable enough in mod_security rules to tell the forum how to authorize ISPConfig and only ISPConfig to perform such requests on the server?

    Thanks !
     

Share This Page