EE4.4.4 – Decaf – cannot register if ticket price > $99

Posted: January 24, 2015 at 3:06 pm


Rhys Willliams

January 24, 2015 at 3:06 pm

I have 2 test events added:
http://inspired-ece.co.nz/events

If I select the 2nd event, it cannot be registered.

http://inspired-ece.co.nz/events/open-to-learning-conversations-2015-05-14/

http://inspired-ece.co.nz/events/open-to-learning-conversations-2015-05-14/?ee=process_ticket_selections
Forbidden
You do not have permission to access this document.

Web Server at inspired-ece.co.nz

It appears a ticket price > $99 causes the failure?

Is there a workaround or is this a limit for Decaf?

Thanks
Rhys


Lorenzo Orlando Caum

  • Support Staff

January 24, 2015 at 4:52 pm

Hi Rhys, that may be a security filter on the site. Could you ask your host to adjust the mod security to allow use of base64?

Here is an example:

https://eventespresso.com/topic/403-when-trying-to-register/#post-136070

That is used by the ticket selector in Event Espresso 4.


Lorenzo


Rhys Willliams

January 24, 2015 at 5:35 pm

Thanks Lorenzo for the prompt reply.
Looking in the logs I can see:
[Sun Jan 25 10:20:24 2015] [error] [client yyy.xx.7.210] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)([\\\\s\\"'`;\\\\/0-9\\\\=]+on\\\\w+\\\\s*=)" at ARGS:tkt-slctr-ticket-obj-540[]. [file "/usr/local/cwaf/rules/cwaf_03.conf"] [line "35"] [id "212010"] [msg "COMODO WAF: XSS Filter - Category 2: Event Handler Vector"] [data "Matched Data: 5OntzOjY6IlRLVF9JRCI7YToxOntzOjg6InN0YW5kYXJkIjtpOjM7fXM6NzoiVEtUX21heCI7YToxOntzOjg6InN0YW5kYXJkIjtkOklORjt9czo3OiJUS1RfcXR5IjthOjE6e3M6ODoic3RhbmRhcmQiO2k6MTAwO31zOjg6IlRLVF9zb2xkIjthOjE6e3M6ODoic3RhbmRhcmQiO2k6MDt9czo3OiJUS1RfbWluIjthOjE6e3M6ODoic3RhbmRhcmQiO2k6MDt9czoxMjoiVEtUX3JlcXVpcmVkIjthOjE6e3M6ODoic3RhbmRhcmQiO2k6MDt9czoxMToiVEtUX3RheGFibGUiO2E6MTp7czo4OiJzdGFuZGFyZCI7aTowO31zOjExOiJUS1RfZGVsZXRlZCI7YToxOntzOjg6InN0YW5kYXJkIjtpOjA7fXM6ODoiVEtUX25hbWUiO2E6Mjp7czo4OiJzdGFuZGFyZCI7cz…"] [severity "CRITICAL"] [hostname "inspired-ece.co.nz"] [uri "/events/open-to-learning-conversations-2015-05-14/"] [unique_id "VMQMmH8AAAEABczCJ6YAAAAL"]

My host uses Parallels, I need to see how I can get the ModSecurity settings next.
Thanks!
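
Why the rule in the log entry above can fire on this form field, as an added example that is not part of the thread or of Event Espresso's code: it runs the rule's pattern over base64 text and shows that, for the constructed samples, a hit depends on the `=` padding (plaintext length modulo 3) rather than on the price as such. Assumptions: the pattern is reconstructed from the log with its backslash escaping removed, and `sample_ticket` with its `TKT_price` field is a constructed, abbreviated stand-in that only copies the opening of the logged value.

```python
import base64
import re

# Pattern of rule 212010 as reconstructed from the log entry above, with the
# log's extra backslash escaping removed (the reconstruction is an assumption).
RULE_212010 = re.compile(r"""(?i)([\s"'`;/0-9=]+on\w+\s*=)""")


def sample_ticket(price: str) -> str:
    """Constructed, abbreviated stand-in for the serialized ticket object.

    Only the opening 'a:9:{s:6:"TKT_ID";' mirrors the logged value; the
    TKT_price field and the overall layout are hypothetical.
    """
    return 'a:9:{s:6:"TKT_ID";i:3;s:9:"TKT_price";s:%d:"%s";}' % (len(price), price)


def encode(serialized: str) -> str:
    """Base64-encode the serialized text, as the form field carries it."""
    return base64.b64encode(serialized.encode("ascii")).decode("ascii")


def rule_hit(arg_value: str):
    """Return the substring the rule would flag in a request argument, or None."""
    m = RULE_212010.search(arg_value)
    return m.group(1) if m else None


def report(prices):
    """Map each price to (plaintext length mod 3, whether the rule fires)."""
    out = {}
    for p in prices:
        text = sample_ticket(p)
        # "a:9:{s" always encodes to "YTo5Ontz": a digit followed by "On".
        # The pattern then only needs word characters up to an "=", and base64
        # emits "=" only when the plaintext length is not a multiple of 3.
        out[p] = (len(text) % 3, rule_hit(encode(text)) is not None)
    return out


if __name__ == "__main__":
    for price, (rem, blocked) in report(["9.00", "99.00", "100.00"]).items():
        print(f"price={price:>7} len%3={rem} blocked={blocked}")
```

With these constructed samples, 99.00 passes while both 9.00 and 100.00 are flagged, so a one-character change in any serialized field can flip the outcome.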


Rhys Willliams

January 24, 2015 at 7:40 pm

I have added to /httpdocs/.htaccess:

<IfModule mod_security.c>
SecRuleRemoveById 212010
SecFilterEngine Off 
SecFilterScanPOST Off
</IfModule>

However I still get the error and the log entry above.

Any other suggestions?


Lorenzo Orlando Caum

  • Support Staff

January 25, 2015 at 1:00 pm

Hi, you may need to contact the host to have them set it up. That was an example from a different web host. However, all web hosts do not use the same systems.


Lorenzo


Rhys Willliams

February 2, 2015 at 3:24 pm

Thanks – indeed I did need to ask the hosting company:

“The change is made in the vhost.conf file in the conf dir. This is something you do not have access to. The next version of plesk which we plan on upgrading our servers to in the near future, has an option in the control panel to disable mod-security rules.”

Thanks for your help.


Lorenzo Orlando Caum

  • Support Staff

February 2, 2015 at 7:55 pm

You are welcome Rhys. If you need help with anything else, just create a new support post in our support forums:

https://eventespresso.com/support/forums/


Lorenzo

The support post ‘EE4.4.4 – Decaf – cannot register if ticket price > $99’ is closed to new replies.
