Websites login and contact forms blocked after enable modsecurity

on

oneguy Oct 15, 2018 #1

Hi, I have set a pair of sites without problems, but when enabling modsecurity, the login page and contact forms seems to be blocked when submit.
The browser never load and finally this error is showed:

ERR_SPDY_PROTOCOL_ERROR

And /usr/local/lsws/logs/error.log

AdminLogin:

POST /administrator/index.php HTTP/1.1
2018-10-15 09:48:48.521864 [INFO] [IP…:HTTP2-1] Request body size: 128, received: 0.
2018-10-15 09:55:43.537567 [INFO] [IP…HTTP2-1] Connection idle time too long: 301 while in state: 3 watching for event: 25, close!
2018-10-15 09:55:43.537603 [INFO] [IP…:HTTP2-1] Content len: 1026,

Contact form
Request line:
POST /contact HTTP/1.1
2018-10-15 09:55:43.537609 [INFO] [IP…:HTTP2-1] Redirect: #1, URL: /index.php
2018-10-15 09:55:43.537613 [INFO] [IP…:HTTP2-1] Request body size: 1026, received: 0.

Sites are Joomla (not the autoinstall Joomla of cyberpanel). Is someone facing this issue? I guess that some modsecurity rule can solve this, but no idea.

Regards,

fr

freeradioeurope Oct 15, 2018 #2

I’m facing the same issue with wordpress login after activate mod security

on

oneguy Oct 18, 2018 #3

@CyberPanel have you checked this problem or do you have any advice about it?

I guess is not good idea disable mod_Security at all.

Regards,

Cy

CyberPanel Oct 18, 2018 #4

I confirm it is a bug in OpenLiteSpeed, we are looking into this.

on

oneguy Oct 23, 2018 #5

Hi again @CyberPanel, I have upgraded today to 1.7 build 3, and the issue is still present. Since this problem make common Cms not usable, have you got any advice for security config with mod_security disabled?

Thanks in advance,

Cy

CyberPanel Oct 23, 2018 #6

That was a CyberPanel update, this issue relates to OpenLiteSpeed, we will announce when there is new version for OpenLiteSpeed.

ri

ricardofh Oct 29, 2018 #7

That was a CyberPanel update, this issue relates to OpenLiteSpeed, we will announce when there is new version for OpenLiteSpeed.

Is there any ETA for this?

on

oneguy Nov 21, 2018 #8

That was a CyberPanel update, this issue relates to OpenLiteSpeed, we will announce when there is new version for OpenLiteSpeed.

Is there any ETA for this?

up

on

oneguy Jan 23, 2019 #9

I have read that the last openlitespeed has fixed this bug:
https://openlitespeed.org/release-log/version-1-4-x/#V1.4.42

but is not resolved in cyberpanel 1.7.7. Is a good idea to do the next?

yum update
yum upgrade openlitespeed

Currenty I have → LiteSpeed/1.4.39 Open
Regards

na

navotera Jan 24, 2019 #10

so any fix, I find this too…

it is almost 1-month bug

qt

qtwrk Jan 24, 2019 #11

try update see if fix is rolled out

yum update openlitespeed

on

oneguy Feb 11, 2019 #12

I can confirm that updating openlitespeed the issue is fixed. Now, with cyberpanel 1.8.1 and openlitespeed 1.4.43 Open all is running fine with mod_security enabled.

Regards,

dy

dyrer Mar 03, 2019 #13

With any of modsecurity rules Comodo or OWASP is not able to upload images in my WordPress site
Anyone can help me fix the rules or is a bug of openlitespeed also?

Cy

CyberPanel Mar 03, 2019 #14

With any of modsecurity rules Comodo or OWASP is not able to upload images in my WordPress site Anyone can help me fix the rules or is a bug of openlitespeed also?

Which version of OpenLiteSpeed you are running?

dy

dyrer Mar 03, 2019 #15

1.4.44

Lu

Luke007 Mar 04, 2019 #16

With any of modsecurity rules Comodo or OWASP is not able to upload images in my WordPress site

I am having the same issue. OLS version - 1.4.44, Cyberpanel version - 1.8.1

Cy

CyberPanel Mar 04, 2019 #17

For everyone here, run this tool and see if ModSecurity issue is gone on your end

bash <(curl -s https://raw.githubusercontent.com/litespeedtech/openlitespeed/de23074af50c7c06cf31f7cb8324691392ea746f/dist/admin/misc/testbeta.sh)

dy

dyrer Mar 04, 2019 #18

After running the above code and COMODO rules
https://www.screencast.com/t/5O51AL2Fkd

Cy

CyberPanel Mar 04, 2019 #19

If you face any other issues, you can revert the above change using.

bash <(curl -s https://raw.githubusercontent.com/litespeedtech/openlitespeed/de23074af50c7c06cf31f7cb8324691392ea746f/dist/admin/misc/testbeta.sh) -r

dy

dyrer Mar 04, 2019 #20

Are you going to update openlitespeed 1.5 and maybe will fix the modsecurity issues?

ri

ricardofh Mar 06, 2019 #21

Are you going to update openlitespeed 1.5 and maybe will fix the modsecurity issues?

I got this issue and got solved by updating openlitespeed, it was fixed like three releases ago so something must have gone wrong during your update, submit a support ticket to litespeed, they fixed it for me before the release.

Lu

Luke007 Mar 08, 2019 #22

Are you going to update openlitespeed 1.5 and maybe will fix the modsecurity issues?

I got this issue and got solved by updating openlitespeed, it was fixed like three releases ago so something must have gone wrong during your update, submit a support ticket to litespeed, they fixed it for me before the release.

How did you update openlitespeed? yum update openlitespeed doesn’t update it to 1.5.

Cy

CyberPanel Mar 08, 2019 #23

@Luke007

You can use this command to get the latest testing binary

bash <(curl -s https://raw.githubusercontent.com/litespeedtech/openlitespeed/de23074af50c7c06cf31f7cb8324691392ea746f/dist/admin/misc/testbeta.sh)

ri

ricardofh Mar 11, 2019 #24

Are you going to update openlitespeed 1.5 and maybe will fix the modsecurity issues?

I got this issue and got solved by updating openlitespeed, it was fixed like three releases ago so something must have gone wrong during your update, submit a support ticket to litespeed, they fixed it for me before the release.

How did you update openlitespeed? yum update openlitespeed doesn’t update it to 1.5.

I did not update to 1.5, just latest version of 1.4