ModSecurity on CyberPanel Problem Stripe hooks

Hi Guys, My website use to work normally after I followed the instruction to enable and install ModSecurity.
if any of my customers want to pay using stripe after payment when he clicks on return to the merchant they will have ‘‘403 Forbbiden error’’ and their balance will not be updated.
And in the same time, I can’t deactivate the security. How can I fix this problem ??

The URL like this would be blocked by the ModSecurity:

Please help & Thank you

See from logs which rule block that and disable it.


I have the same problem, how did you solve it? @RO3B ?

Can you check that which rule is blocking this request and disable that specific rule.

1 Like


Wouldn’t it be possible to disable it by adding a rule?

From what I understand the only way is to identify the package and disable the item completely, right?

I’ve tried and it doesn’t work to add a rule like this for example:
SecRule REQUEST_URI "@contains landingpages" "id:1001,phase:1,t:none,pass, nolog,ctl:ruleRemoveById=943120",

it would not be ideal to disable one of these items as the false positive is only in a URL.


It only worked when I went to the file and deleted line 79:

SecRule REQUEST_URI "@contains landingpages" "id:1001,phase:1,t:none,pass, nolog,ctl:ruleRemoveById=943120",

It doesn’t work if you add the rules via cyberpanel

When you update cyberpanel your edit will be overwritten. You can go on cyberpanel modsecurity settings and disable rule 943.

I did that, it really works, but shouldn’t the rules work?

I would like to disable 943 just for the specific URL, so all my other 20 sites are vulnerable to these attacks because of a single URL.

This ticket continues here: