Cannot create accounts by api after upgrade to 3.1.11

Discussion in 'ISPConfig 3 Priority Support' started by Abel Vieira, Feb 14, 2018.

  1. Abel Vieira

    Abel Vieira New Member HowtoForge Supporter

    After upgrade ispconfig to 3.1.11 the website add function in API not work anymore.

    After read the log, i found this:

    [INTERFACE]: PHP IDS Alert.Total impact: 54<br/> Affected tags: xss, csrf, dt, id, lfi, rfe, sqli<br/> <br/> Variable: POST.{&quot;session_id&quot;:&quot;(hidden)&quot;,&quot;client_id&quot;:&quot;282&quot;,&quot;params&quot;:{&quot;server_id&quot;:&quot;5&quot;,&quot;http_port&quot;:80,&quot;https_port&quot;:443,&quot;ip_address&quot;:&quot;*&quot;,&quot;ipv6_address&quot;:&quot;&quot;,&quot;domain&quot;:&quot;(hidden)&quot;,&quot;type&quot;:&quot;vhost&quot;,&quot;parent_domain_id&quot;:0,&quot;vhost_type&quot;:&quot;name&quot;,&quot;hd_quota&quot;:-1,&quot;traffic_quota&quot;:-1,&quot;cgi&quot;:&quot;n&quot;,&quot;ssi&quot;:&quot;n&quot;,&quot;suexec&quot;:&quot;y&quot;,&quot;errordocs&quot;:1,&quot;is_subdomainwww&quot;:1,&quot;subdomain&quot;:&quot;www&quot;,&quot;php&quot;:&quot;php-fpm&quot;,&quot;perl&quot;:&quot;n&quot;,&quot;ruby&quot;:&quot;n&quot;,&quot;python&quot;:&quot;n&quot;,&quot;redirect_type&quot;:&quot;&quot;,&quot;redirect_path&quot;:&quot;&quot;,&quot;seo_redirect&quot;:&quot;&quot;,&quot;rewrite_rules&quot;:&quot;&quot;,&quot;ssl&quot;:&quot;y&quot;,&quot;ssl_letsencrypt&quot;:&quot;n&quot;,&quot;ssl_state&quot;:&quot;&quot;,&quot;ssl_locality&quot;:&quot;&quot;,&quot;ssl_organisation&quot;:&quot;&quot;,&quot;ssl_organisation_unit&quot;:&quot;&quot;,&quot;ssl_country&quot;:&quot;&quot;,&quot;ssl_domain&quot;:&quot;(hidden)&quot;,&quot;ssl_request&quot;:&quot;-----BEGIN_CERTIFICATE_REQUEST-----(hidden)1Mw | Value: =n-----END CERTIFICATE REQUEST-----&quot;,&quot;ssl_cert&quot;:&quot;-----BEGIN CERTIFICATE-----(hidden)n-----END CERTIFICATE-----&quot;,&quot;ssl_bundle&quot;:&quot;-----BEGIN CERTIFICATE-----(hidden)-----n-----BEGIN CERTIFICATE-----(hidden) n-----END CERTIFICATE-----&quot;,&quot;ssl_action&quot;:&quot;save&quot;,&quot;stats_password&quot;:&quot;&quot;,&quot;stats_type&quot;:&quot;&quot;,&quot;allow_override&quot;:&quot;All&quot;,&quot;apache_directives&quot;:&quot;&quot;,&quot;php_open_basedir&quot;:&quot;/&quot;,&quot;custom_php_ini&quot;:&quot;session.save_handler = redisnsession.save_path = &quot;tcp://127.0.0.1:6379&quot;&quot;,&quot;backup_interval&quot;:&quot;none&quot;,&quot;backup_copies&quot;:1,&quot;backup_excludes&quot;:&quot;&quot;,&quot;active&quot;:&quot;y&quot;,&quot;traffic_quota_lock&quot;:&quot;n&quot;,&quot;php_fpm_use_socket&quot;:&quot;y&quot;,&quot;pm&quot;:&quot;dynamic&quot;,&quot;pm_max_children&quot;:10,&quot;pm_start_servers&quot;:2,&quot;pm_min_spare_servers&quot;:1,&quot;pm_max_spare_servers&quot;:5,&quot;pm_max_requests&quot;:0,&quot;pm_process_idle_timeout&quot;:10,&quot;log_retention&quot;:30,&quot;added_date&quot;:&quot;2018-02-14 17:24:01&quot;,&quot;ssl_key&quot;:&quot;-----BEGIN RSA PRIVATE KEY-----(hidden)-----END RSA PRIVATE KEY-----&quot;,&quot;added_by&quot;:&quot;CPL API&quot;}}<br/> Impact: 54 | Tags: xss, csrf, dt, id, lfi, rfe, sqli<br/> Description: Finds attribute breaking injections including whitespace attacks | Tags: xss, csrf | ID 2<br/> Description: Detects basic directory traversal | Tags: dt, id, lfi | ID 10<br/> Description: Detects JavaScript location/document property access and window access obfuscation | Tags: xss, csrf | ID 23<br/> Description: Detects data: URL injections, VBS injections and common URI schemes | Tags: xss, rfe | ID 27<br/> Description: Detects common comment types | Tags: xss, csrf, id | ID 35<br/> Description: Detects classic SQL injection probings 2/2 | Tags: sqli, id, lfi | ID 43<br/> Description: Detects basic SQL authentication bypass attempts 1/3 | Tags: sqli, id, lfi | ID 44<br/> Description: Detects basic SQL authentication bypass attempts 2/3 | Tags: sqli, id, lfi | ID 45<br/> Description: Detects basic SQL authentication bypass attempts 3/3 | Tags: sqli, id, lfi | ID 46<br/> Description: Detects MySQL comment-/space-obfuscated injections and backtick termination | Tags: sqli, id | ID 57<br/> <br/>​

    I can be do something to fix?

    Regards,
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Update to git-stable (not git-master), the issue is fixed there. Or you turn of the IDS completely for anon and user in /usr/local/ispconfig/security/security_settings.ini until ISPConfig 3.1.12 get's released.
     

Share This Page