Problem with Modsecurity

djcart · Jun 27, 2022

hi, i have a problem with modesecuryty on my server. My server users who use roundcube are often blocked by modsecurites. Is there any general rule for roundcube to disable these actions?

Ohm J · Jun 27, 2022

what's your ruleset ?

comodo ruleset is fine.
Could you show sample URL that trigger by mod_security.
Also, show the Log that trigger in Server Manager -> ModSecurity -> Log

djcart · Jul 11, 2022

for example, one of the requests that gets blocked:
/roundcube/?_task=mail&_unlock=loading1657559061893&_framed=1

BillyS · Jul 11, 2022

When you look in the log, why not just disable the offending rule?

djcart · Jul 12, 2022

Every time the client's ip changes, the rule has a different id number. There is a problem here because you have to intervene every now and then

BillyS · Jul 12, 2022

I must not understand... I am looking at the DA gui / web console.

When I look in DA under Modsecurity, I see a date, the domain, a request line, client IP, and a rule ID. It doesn't matter what the domain or client IP are, the rule that got tripped always has the same Rule ID. If I click on the + symbol it give me the option of viewing the log item or skipping / disabling the rule.

Problem with Modsecurity

djcart

Verified User

Ohm J

Verified User

djcart

Verified User

BillyS

Verified User

djcart

Verified User

BillyS

Verified User