Posts by pathogen

  • 403 Forbidden

    Found this, but I'm still no nearer to working out the problem!


    =================================

    Code
    1. [Wed Sep 18 09:34:53.909995 2019] [php7:warn] [pid 3462] [client 127.0.0.1:60432] PHP Warning: count(): Parameter must be an array or an object that implements Countable in /srv/web/kingsthorpegrove.northants.sch.uk/www/html/easicms/core/lib/PerchFieldTypes.class.php on line 69, referer: http://www.kingsthorpegrove.northants.sch.uk/easicms/core/apps/content/page/?id=31
    2. [Wed Sep 18 09:35:00.205823 2019] [:error] [pid 13465] [client 127.0.0.1:60530] [client 127.0.0.1] ModSecurity: Warning. detected XSS using libinjection. [file "/usr/share/modsecurity-crs/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf"] [line "64"] [id "941100"] [rev "2"] [msg "XSS Attack Detected via libinjection"] [data "Matched Data: upgrade-insecure-requests found within ARGS:perch_26_text: <p><span style=\\x22line-height: 1.6em;\\x22>KS1 tests - video for parents -\\xa0</span><a href=\\x22https://youtu.be/M8MjPFWRQs0\\x22 rel=\\x22nofollow\\x22 style=\\x22margin: 0px; padding: 0px; outline: 0px; border: 0px currentColor; border-image: none; color: rgb(215, 59, 75); line-height: 20.8px; font-family: Tahoma, Arial, Helvetica, sans-serif; text-decoration: none; vertical-align: baseline;\\x22>https://youtu.be/M8MjPFWRQs0</a></p>\\x..."] [severity "CRITICAL"] [ver "OWASP_CRS/3.0.0"] [maturity "1"] [accuracy "9"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-xss"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A3"] [tag "OWASP_AppSensor/IE1"] [hostname "www.kingsthorpegrove.northants.sch.uk"] [uri "/easicms/core/apps/content/edit/"] [unique_id "XYHsNGFL8XM62zyoffC0NAAAAAg"], referer: http://www.kingsthorpegrove.northants.sch.uk/easicms/core/apps/content/edit/?id=30
    3. [Wed Sep 18 09:35:00.206999 2019] [:error] [pid 13465] [client 127.0.0.1:60530] [client 127.0.0.1] ModSecurity: Warning. Pattern match "(?i)<[^\\\\w<>]*(?:[^<>\\"'\\\\s]*:)?[^\\\\w<>]*(?:\\\\W*?s\\\\W*?c\\\\W*?r\\\\W*?i\\\\W*?p\\\\W*?t|\\\\W*?f\\\\W*?o\\\\W*?r\\\\W*?m|\\\\W*?s\\\\W*?t\\\\W*?y\\\\W*?l\\\\W*?e|\\\\W*?s\\\\W*?v\\\\W*?g|\\\\W*?m\\\\W*?a\\\\W*?r\\\\W*?q\\\\W*?u\\\\W*?e\\\\W*?e|(?:\\\\W*?l\\\\W*?i\\\\W*?n\\\\W*?k|\\\\W*?o\\\\W*?b\\\\W*?j\\\\W*?e\\ ..." at ARGS:perch_26_text. [file "/usr/share/modsecurity-crs/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf"] [line "236"] [id "941160"] [rev "2"] [msg "NoScript XSS InjectionChecker: HTML Injection"] [data "Matched Data: <p><span style=\\x22line-height: 1.6em;\\x22>KS1 tests - video for parents -\\xa0</span><a href=\\x22https://youtu.be/M8MjPFWRQs0\\x22 rel=\\x22nofollow\\x22 style=\\x22margin: 0px; padding: 0px; outline: 0px; border: 0px currentColor; border-image: none; color: rgb(215, 59, 75); line-height: 20.8px; font-family: Tahoma, Arial, Helvetica, sans-serif; text-decoration: none; vertical-align: baseline;\\x22>https://youtu.be/M8MjPFWRQs0</a></p>\\x0d\\x0a\\x0d\\x0a<p>KS 2 tests - video for parents -\\xa0<a hre..."] [severity "CRITICAL"] [ [hostname "www.kingsthorpegrove.northants.sch.uk"] [uri "/easicms/core/apps/content/edit/"] [unique_id "XYHsNGFL8XM62zyoffC0NAAAAAg"], referer: http://www.kingsthorpegrove.northants.sch.uk/easicms/core/apps/content/edit/?id=30
    4. [Wed Sep 18 09:35:00.208820 2019] [:error] [pid 13465] [client 127.0.0.1:60530] [client 127.0.0.1] ModSecurity: Rule 7f1d3f955690 [id "941350"][file "/usr/share/modsecurity-crs/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf"][line "737"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "www.kingsthorpegrove.northants.sch.uk"] [uri "/easicms/core/apps/content/edit/"] [unique_id "XYHsNGFL8XM62zyoffC0NAAAAAg"], referer: http://www.kingsthorpegrove.northants.sch.uk/easicms/core/apps/content/edit/?id=30
    5. [Wed Sep 18 09:35:00.211155 2019] [:error] [pid 13465] [client 127.0.0.1:60530] [client 127.0.0.1] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "57"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.kingsthorpegrove.northants.sch.uk"] [uri "/easicms/core/apps/content/edit/"] [unique_id "XYHsNGFL8XM62zyoffC0NAAAAAg"], referer: http://www.kingsthorpegrove.northants.sch.uk/easicms/core/apps/content/edit/?id=30
    6. [Wed Sep 18 09:35:00.211339 2019] [:error] [pid 13465] [client 127.0.0.1:60530] [client 127.0.0.1] ModSecurity: Warning. Operator GE matched 5 at TX:inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/RESPONSE-980-CORRELATION.conf"] [line "73"] [id "980130"] [msg "Inbound Anomaly Score Exceeded (Total Inbound Score: 10 - SQLI=0,XSS=10,RFI=0,LFI=0,RCE=0,PHPI=0,HTTP=0,SESS=0): NoScript XSS InjectionChecker: HTML Injection"] [tag "event-correlation"] [hostname "www.kingsthorpegrove.northants.sch.uk"] [uri "/easicms/core/apps/content/edit/"] [unique_id "XYHsNGFL8XM62zyoffC0NAAAAAg"], referer: http://www.kingsthorpegrove.northants.sch.uk/easicms/core/apps/content/edit/?id=30

    =================================

  • 403 Forbidden

    OK, I've managed to get a broken Perch installation working again by re-uploading and overwriting the perch core folder with v2.8.34

    I can log in and I can upload assets to the resources folder.


    I have tried to edit a post, but every time I click 'save', I get a 403 Forbidden error.

    I can't see what is causing this. Is there something missing or what do I need to make permissions changes to?


    Thanks in advance for any help.

  • Software Update - Stuck in loop

    Hi Clive, thanks for you input.


    Yes, once you click the 'Continue' button, the site just reloads with the same message.


    I haven't upgraded Perch. The customer at the site said she couldn't log in, so I tried with the login that our old web guy gave me and it does the same.


    Unfortunately, our web dev guy recently left the company, and I don't know anything about Perch to try anything advanced.


    Thanks for your help.

    Jezz.

  • Software Update - Stuck in loop

    One of our sites is stuck in a loop after upgrading itself.


    Can anyone help me sort this as it was set up by a guy who has now left our company, and I have no knowledge of Perch.


    I have read other threads on this and the old forum, but nothing on there has sorted the problem


    Any help would be appreciated.

    Jezz