ModSecurity on off problem

Avatar
  • Answered
Hello,
Since I am on my new vps server with my web sites I have many spoof registrants and a constant error with all web sites (see below) that seems to be related to ModSecurity. When ModSecurity is on I have the below error on my web sites (inlogging and saving). When ModSecurity is off I am obiviously not protected. How can I resolve this?
Error 500 - Internal Server Error
An error was encountered while processing your request. Typically this is a temporary condition. Please contact the web site owner for further assistance.
Duplicates 3
I get a 404 error when trying to access my backend for Wordpress. Seems to have to do with ModSecurity
ModSecurity blocking user syncing between two sub-domains
I'm trying to use User Sync (WPMU) to make it easier for sales reps to log into our two different sites (both are sub-domains). Syncing the users seems like it will be the best option so that they don't have to manage different credentials. (one domain is geared toward customers, the other is geared toward sales training) I've enabled the debug mode of the plugin and am getting the following error on the master site when trying to run a sync: [2017-01-11 18:12:46][M] 02 - sending request - url=http://training.XXXXXXX.com/wp-admin/admin-ajax.php?action=user_sync_api;;*** [2017-01-11 18:12:46][M] 03 - sending request - response=Error 406 - Not Acceptable

Error 406 - Not Acceptable

Generally a 406 error is caused because a request has been blocked by Mod Security. If you believe that your request has been blocked by mistake please contact the web site owner.

;;*** [2017-01-11 18:12:46][M] 06 - checking key false;;*** Oddly the log from the sub-site seems to connect to the parent, but only syncs one user: [2017-01-11 18:19:44][S] 02 - sending request - url=https://customers.XXXXXX.com/wp-admin/admin-ajax.php?action=user_sync_api;;*** [2017-01-11 18:19:45][S] 03 - sending request - response=ok;;*** [2017-01-11 18:20:05][S] 01 - new subsite conection - central_url=https://customers.XXXXXX.com;; replace_user=1;; overwrite_user=1;;*** [2017-01-11 18:20:05][S] 02 - sending request - url=https://customers.XXXXXX.com/wp-admin/admin-ajax.php?action=user_sync_api;;*** [2017-01-11 18:20:06][S] 03 - sending request - response=ok;;*** [2017-01-11 18:20:06][S] 01_2 - sync users for new subsite*** [2017-01-11 18:20:06][S] 02 - sending request - url=https://customers.XXXXXX.com/wp-admin/admin-ajax.php?action=user_sync_api;;*** [2017-01-11 18:20:07][S] 03 - sending request - response=ok;;***
Can't disable ModSecurity on my site
I was having trouble connecting my site to Wordpress Jetpack publicizing. I tried turning off my Mod Security for my site but it just gives me an error message saying "error disabling modsecurity for ---.com" My website is connected to Jetpack, just the publicize feature wont work. I disabled all plugins and tried disconnecting and reconnecting to Jetpack
Avatar
Tim S.
Hello brittisaacson, Thank you for your question about turning off mod_sec. How did you turn it off? I've logged into your cPanel account and verified I could turn mod_sec on and off as expected. Here's our article on disabling Mod_Sec in cPanel. Keep in mind, this only disables minor mod_sec rules. If Jetpack is triggering a major mod_sec rule you would need to reach out to support to determine if it's something we can disable for you. I hope this helps! Thanks! Gratefully, Tim S
Avatar
Arn
Hello Vcudnik, Sorry for the problem with the modsec rule possibly blocking your users synchronization. You do have the option to disable modsec rules in the cPanel. Check out this tutorial: Disable ModSecurity rules. The main problem is that since you're on a shared server, you will not have access to disable ALL of the rules. You can request that your site be reviewed for the mod sec rule that blocking you and it might be possible to have the rule turned off or disabled for just your account. However, in some cases, the rule may not be something you can disable. You can submit a verified support ticket the Account Management Panel (AMP) in order to have the issue reviewed by our support team. If you have any further questions, please let us know. Kindest regards, Arnel C.
Avatar
Arn
Hello Isnet1946, Sorry for the problems with Modsecurity. These rules are managed by our systems team, so if there any issues you will need to submit a verified support ticket to have the matter investigated. Apologies that I can't provide a direct answer. If you have any further questions or comments, please let us know. Regards, Arnel C.