Modsecurity blocks upload .json file

by lq_win from LinuxQuestions.org on (#6PSWM)
Hi,

I run ModSecurity and I'm unable to upload a JSON file (error 500) from my WordPress template. I checked /var/log/http/modsecurity_audit.log and found the entry below.

How do I deal with this?

Quote:
--c1bd5c32-A--
[07/Aug/2024:19:21:00 +0700] ZrNmrKvC1fZFN25ulEQUYgAAAAE 149.1.2.3 17005 172.18.3.126 443
--c1bd5c32-B--
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: example.co.id
Connection: keep-alive
Content-Length: 3318
Cache-Control: max-age=0
sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
Origin: https://example.co.id
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarynguJ9Dw61VZzpNJW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: https://example.co.id/wp-admin/edit...._group=library
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9
Cookie: wordpress_sec_4b36aa17ed48f4c7226960a8bb4bdddb=exampleweb%7C1723201624%7CcMB5iMTjbYh3vh8IQ2EOGPHQN8B rKAVWPzRbGnFaB5J%7C7cc4cfca8ffec3944218452bfdcbbdff6aefbf5491e2c7a7351febeee141e0d4; _ga=GA1.1.302031269.1722393463; _ga_6JQ1H3QEFP=GS1.1.1722393462.1.0.1722393464.0.0.0; _ga_TBQEJ2CDD2=GS1.1.1722832599.1.1.1722832626.0.0.0; wordpress_test_cookie=WP%20Cookie%20check; wp_lang=en_US; wordpress_logged_in_4b36aa17ed48f4c7226960a8bb4bdddb=exampleweb%7C1723201624%7CcMB5iMTjbYh3vh8IQ2EOG PHQN8BrKAVWPzRbGnFaB5J%7C0f18d3f0d4bfee70bd7ea26c19fa4a7896262cb3e0b9f77b019c14d257e285e9; wp-settings-2=libraryContent%3Dbrowse%26ampampampampeditor%3Dtinymce%26ampampampeditor%3Dtinymce%26mfold%3Do; wp-settings-time-2=1723028825; wfwaf-authcookie-7ce10f307740df4048514dcbbe5dd6b8=2%7Cadministrator%7Cmanage_options%2Cunfiltered_html%2Cedit_others_ posts%2Cupload_files%2Cpublish_posts%2Cedit_posts%2Cread%7C26bf7f34ff29cb9035105f28ca71c4ba33082876a 03bb5320d330b62351bf38a

--c1bd5c32-I--
action=elementor%5flibrary%5fdirect%5factions&library%5faction=direct%5fimport%5ftemplate&%5fnonce=8 82cd8beb5
--c1bd5c32-F--
HTTP/1.1 500 Internal Server Error
Access-Control-Allow-Origin: https://example.co.id
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0, no-store, private
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 2466
Connection: close
Content-Type: text/html; charset=UTF-8

--c1bd5c32-E--
--c1bd5c32-H--
Apache-Handler: application/x-httpd-php
Stopwatch: 1723033260285312 539430 (- - -)
Stopwatch2: 1723033260285312 539430; combined=10847, p1=520, p2=9836, p3=108, p4=261, p5=121, sr=144, sw=1, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.2 (http://www.modsecurity.org/); OWASP_CRS/3.2.0.
Server: Apache
Engine-Mode: "ENABLED"

--c1bd5c32-J--
4,2765,"About Us Template.json","<Unknown ContentType>"
Total,2765

--c1bd5c32-Z--
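
Added example, not part of the original post: a short Python parser for the serial audit-log layout quoted above. It splits an entry into its lettered parts and reports whether part H carries a Message: or Action: Intercepted line, which is how ModSecurity 2.x records a rule match or a block. POSTED is abridged from the quoted entry, while the BLOCKED entry, its boundary and its rule id are constructed for contrast.

```python
import re

BOUNDARY = re.compile(r"^--[0-9a-fA-F]{8}-([A-Z])--$")  # e.g. --c1bd5c32-A--

def split_parts(entry):
    """Split one serial audit-log entry into {part letter: [non-empty lines]}."""
    parts, current = {}, None
    for line in entry.splitlines():
        if m := BOUNDARY.match(line.strip()):
            current = m.group(1)
            parts[current] = []
        elif current is not None and line.strip():
            parts[current].append(line)
    return parts

def triage(entry):
    """Report the response status and whether part H records a rule match."""
    parts = split_parts(entry)
    trailer = parts.get("H", [])
    return {
        "status_line": (parts.get("F") or [None])[0],
        "intercepted": any(l.startswith("Action: Intercepted") for l in trailer),
        "rule_ids": [i for l in trailer if l.startswith("Message:")
                     for i in re.findall(r'\[id "(\d+)"\]', l)],
        "files": [l for l in parts.get("J", []) if not l.startswith("Total,")],
    }

# Abridged from the entry quoted in the post (parts A, B, I and most headers trimmed).
POSTED = """--c1bd5c32-F--
HTTP/1.1 500 Internal Server Error
--c1bd5c32-H--
Engine-Mode: "ENABLED"
--c1bd5c32-J--
4,2765,"About Us Template.json","<Unknown ContentType>"
Total,2765
--c1bd5c32-Z--
"""

# Constructed entry (made-up boundary and rule id) for an actual block, for contrast.
BLOCKED = """--aaaaaaaa-F--
HTTP/1.1 403 Forbidden
--aaaaaaaa-H--
Message: Access denied with code 403 (phase 2). [id "1234567"] [msg "constructed"]
Action: Intercepted (phase 2)
--aaaaaaaa-Z--
"""

if __name__ == "__main__":
    print(triage(POSTED), triage(BLOCKED), sep="\n")
```

Part H of the entry as posted has no Message: line, so for it the parser returns an empty rule_ids list and intercepted is False.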