Live Helper Chat support forum.. Forum is locked. New place for questions - Github Discussions

You are not logged in.

Announcement

#1 2014-05-12 22:29:06

Justin Utesch
Member
Registered: 2014-04-13
Posts: 19

LHC violating mod_security rule (RFI attempt detected)

Just wanted to throw this out there.
I was having problem with my IP getting blocked by my web server.
I contacted my hosting company and they were able track down this error message.
[Mon May 12 14:47:53 2014] [error] [client 174.***.197.138] ModSecurity: Access denied with code 403 (phase 2). Match of "beginsWith %{request_headers.host}" against "TX:1" required. [file "/var/asl/rules/10_asl_rules.conf"] [line "514"] [id "340162"] [rev "294"] [msg "Atomicorp.com WAF Rules: URL detected as argument, possible RFI attempt detected"] [data "%TX:1,TX:1"] [severity "CRITICAL"] [hostname "t******1.com"] [uri "/livehelperchat-master/lhc_web/index.php/chat/getstatus/(click)/internal/(position)/bottom_right/(check_operator_messages)/true/(top)/350/(units)/pixels/(leaveamessage)/true/(department)/2"] [unique_id "U3ElaUWvEJwAAB6rFIYAAAAM"]


Since I am on a managed VPS the tech was able to rewrite a mod_security rule so it wouldn't happen again.

This is most likely just due to my mod_security rules and not necessarily a problem with LHC but I just wanted to point it out.
Thanks.

https://groups.google.com/forum/#!topic … YUVnAgJB4k

Offline

#2 2014-05-13 05:32:08

Justin Utesch
Member
Registered: 2014-04-13
Posts: 19

Re: LHC violating mod_security rule (RFI attempt detected)

Sorry I see this was addressed in the latest update...

Offline

#3 2014-05-13 06:28:43

Remigijus Kiminas
Administrator
From: Lithuania
Registered: 2012-09-23
Posts: 3,661
Website

Re: LHC violating mod_security rule (RFI attempt detected)

In latest release was addressed only one part. mod_security was complaining a lot of times because of http://someurg.com argument in url request. In new release http:// or https:// part is ommited. But I have no enviroment to test does it helped smile


On 13 May 2014 06:32, Justin Utesch <ute...***.com> wrote:

Sorry I see this was addressed in the latest update...

Offline

#4 2014-05-13 18:59:33

Justin Utesch
Member
Registered: 2014-04-13
Posts: 19

Re: LHC violating mod_security rule (RFI attempt detected)

So far I haven't had any other problems but I will update if I do!

Thank for your commitment to this project sir!

Offline

Board footer