Aman

Forum Replies Created

Viewing 1 replies (of 1 total)
  • Forum: Plugins
    In reply to: [Meta for WooCommerce] Mod_Security Error
    Aman

    (@amanbt)

    1 year ago

    Hi, I am facing the same error: Not Acceptable! An appropriate representation of the requested resource could not be found on this server. This error was generated by Mod_Security.

    As suggested by you I contacted my hosting provider and asked them to modify the ModSecurity rules, however they reverted with the following reply:

    [Fri May 02 18:58:26.161798 2025] [security2:error] [pid 105007:tid 22686878275328] [remote 49.36.188.137:63143] [client 49.36.188.137] ModSecurity: Access denied with code 406 (phase 2). Pattern match “=(?:ogg|tls|ssl|gopher|file|data|php|zlib|zip|glob|s3|phar|rar|s(?:sh2?|cp)|dict|expect|(?:ht|f)tps?)://” at REQUEST_URI. [file “/etc/httpd/modsecurity.d/10_asl_rules.conf”] [line “517”] [id “340165”] [rev “291”] [msg “Atomicorp.com WAF Rules: Uniencoded possible Remote File Injection attempt in URI (AE)”]

    [data
    “/?wc-api=wc_facebook_connect&external_business_id=ingreensshop-6814c54f67080&nonce=37b12eccd2&type=standard&code=aqdlnmbj-wepcjezfxvohyj1z8c7enf9mqafsyl5fcxwqydunvp0u2kqhfvthri2a2y01_vw4kiwlsx715yzs1a3qk2kmonliyverjpj43jja18lpml_jsmmq7rzzuov2jit4mpq7ov70xxbjiokvtfkuntlpfqildreioejr-3bhmt4ystp70db0zxxtctlcgw2rmqhjbgeaeyv5pvjyzsiedhsaiepw2ll_qexhfcpsoo_-s3yddtvdcgcngxt8zjrsjzsl6dytllqlte_4-_9ebkdlw1glg3kuvn44sejqdvdldn2npnkx-0jdvhe88s1vq-v3y9nh5qnt_32khlnktnnug3hxymqwstlgdq6r6ihqdbuu84dr_ogyveltwckhzn0ikzt…”]

    [severity “CRITICAL”] [hostname “ingreens.shop”] [uri “/”] [unique_id “aBTIenBX-pIR2FFxpqtFgAAB1lI”], referer: https://api.woocommerce.com/

    Please share this rule with the plugin manager you have connected to as per the log this cannot be whitelisted because the system is considering this as a sql injection attack on the server

    Our system firewall (ModSecurity) blocked an external request due to a security rule that flagged the incoming URL as a potential remote file injection attempt. This is a false positive, commonly seen with API callbacks like the one from Facebook or WooCommerce.

    This rule cannot be whitelisted from server end due to security reasons

    • This reply was modified 1 year ago by Aman.
Viewing 1 replies (of 1 total)