406 error in wordpress website

jebazerosoft

We have a WordPress website and installed a Gmail login plugin. When registering/logging in with Gmail, it redirects to the below sample page in the website


Got this ModSecurity error:

"Access denied with code 406 (phase 2). Matched phrase \".profile\" at ARGS:scope. [file \"/etc/modsecurity.d/REQUEST-930-APPLICATION-ATTACK-LFI.conf\"] [line \"98\"] [id \"930120\"] [msg \"OS File Access Attempt\"] [data \"Matched Data: .profile found within ARGS:scope: email openid https:/www.googleapis.com/auth/userinfo.profile https:/www.googleapis.com/auth/userinfo.email\"] [severity \"CRITICAL\"] [ver \"OWASP_CRS/3.3.5\"] [tag \"application-multi\"] [tag \"language-multi\"] [tag \"platform-multi\"] [tag \"attack-lfi\"] [tag \"paranoia-level/1\"] [tag \"OWASP_CRS\"] [tag \"capec/1000/255/153/126\"] [tag \"PCI/6.5.4\"]"

So I turned off the SecRuleEngine and also added the 930120 ID to disable. But it's not working.

I am accessing DirectAdmin as a User
 
In DirectAdmin >> Advanced Features >> ModSecurity >>

Under Disabled Rules

given this ID: 930120

We got the same ModSecurity error:

"Access denied with code 406 (phase 2). Matched phrase \".profile\" at ARGS:scope. [file \"/etc/modsecurity.d/REQUEST-930-APPLICATION-ATTACK-LFI.conf\"] [line \"98\"] [id \"930120\"] [msg \"OS File Access Attempt\"] [data \"Matched Data: .profile found within ARGS:scope: email openid https:/www.googleapis.com/auth/userinfo.profile https:/www.googleapis.com/auth/userinfo.email\"] [severity \"CRITICAL\"] [ver \"OWASP_CRS/3.3.5\"] [tag \"application-multi\"] [tag \"language-multi\"] [tag \"platform-multi\"] [tag \"attack-lfi\"] [tag \"paranoia-level/1\"] [tag \"OWASP_CRS\"] [tag \"capec/1000/255/153/126\"] [tag \"PCI/6.5.4\"]"

The page shows the below message:

Not Acceptable

An appropriate representation of the requested resource could not be found on this server.

Seems the ModSecurity settings done in DirectAdmin are not taking effect
 
Log in as the user and see if there are more IDs which are blocking for the WordPress site with ModSecurity.
You could also disable ModSecurity.
 
I have done this. But the same 406 and 503 error

I don't think the issue can be further troubleshooted here on the forums, there are too many unknown aspects.

If the native way does not work for you, then either your setup is a bit customized or there is a bug somewhere.

If your DirectAdmin license includes DA support, then you are highly advised to open a ticket with them and let the DA team check it for you. If no support is included in your license, then you are advised to hire somebody to check it for you.


I am accessing DirectAdmin as a User

If you don't own the server and use shared hosting, then you can do nothing on the server, and you will need to contact your hosting support.
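
Added example, not part of any post in this thread: a triage script that parses the ModSecurity message quoted above, checks whether every token that triggered the phrase match is a Google OAuth scope URL, and only then proposes a per-argument exclusion for the rule rather than disabling it. The function names are hypothetical and the sample is the thread's message with the tag list trimmed.

```python
import re

# Constructed sample: the message quoted in the thread, tag list trimmed.
SAMPLE = (r'"Access denied with code 406 (phase 2). Matched phrase \".profile\" at ARGS:scope. '
          r'[file \"/etc/modsecurity.d/REQUEST-930-APPLICATION-ATTACK-LFI.conf\"] [line \"98\"] '
          r'[id \"930120\"] [msg \"OS File Access Attempt\"] [data \"Matched Data: .profile '
          r'found within ARGS:scope: email openid https:/www.googleapis.com/auth/userinfo.profile '
          r'https:/www.googleapis.com/auth/userinfo.email\"] [severity \"CRITICAL\"]"')

# Google OAuth scope URL; the logged value shows "https:/" with a single slash,
# so one or two slashes are accepted. No "/" is allowed after "auth/".
SCOPE_URL = re.compile(r'https:/{1,2}www\.googleapis\.com/auth/[A-Za-z0-9._-]+')


def parse_modsec(message):
    """Extract rule id, matched phrase, variable and value from a ModSecurity message."""
    text = message.replace('\\"', '"')            # the log escapes inner quotes
    hit = re.search(r'Matched phrase "(.*?)" at (\S+)\. \[', text)
    fields = {}
    for key, val in re.findall(r'\[(\w+) "(.*?)"\]', text):
        fields.setdefault(key, val)               # "tag" repeats; keep the first value
    value = re.search(r'found within \S+: (.*)$', fields.get("data", ""))
    if not (hit and value and "id" in fields):
        return None
    return {"id": fields["id"], "phrase": hit.group(1),
            "variable": hit.group(2), "value": value.group(1)}


def offending_tokens(event):
    """Tokens that contain the phrase but are NOT Google OAuth scope URLs."""
    return [tok for tok in event["value"].split()
            if event["phrase"] in tok and not SCOPE_URL.fullmatch(tok)]


def suggest_exclusion(message):
    """Return a per-argument exclusion only if OAuth scopes fully explain the hit."""
    event = parse_modsec(message)
    if event is None or offending_tokens(event):
        return None                               # unparsed or unexplained: keep blocking
    if not event["variable"].startswith("ARGS:"):
        return None                               # only single named arguments are handled
    # Assumption: the directive is loaded after the CRS rule files.
    return 'SecRuleUpdateTargetById %s "!%s"' % (event["id"], event["variable"])


if __name__ == "__main__":
    print(suggest_exclusion(SAMPLE))
```

The suggested directive removes only the `scope` argument from rule 930120 and leaves the rule and the engine active for everything else; it has to be placed in the server's ModSecurity configuration after the CRS rules are loaded, which requires server-level access.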
 