Clicking the "Save Settings" button on the admin System Settings page returns a page that displays
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
...
We are using Dreamhost shared hosting, and have their Web Application Firewall (mod_security) enabled for the site. When I disable that, I am able to save system settings just fine.
When I checked the server's error log, there were four ModSecurity warnings for the request. Here are the warning messages as well as the particular rules involved with each (Dreamhost is currently using OWASP ModSecurity Core Rule Set ver.3.3.2):
- Two "Path Traversal Attack (/../)": https://github.com/coreruleset/coreruleset/blob/v3.3.2/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf
- "Possible Remote File Inclusion (RFI) Attack: URL Parameter using IP Address": https://github.com/coreruleset/coreruleset/blob/v3.3.2/rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf
- "Inbound Anomaly Score Exceeded (Total Score: 15)": https://github.com/coreruleset/coreruleset/blob/v3.3.2/rules/REQUEST-949-BLOCKING-EVALUATION.conf
These warnings sound concerning... could there be something in the ChurchCRM code that can be refactored so as not to trigger them, or are we just dealing with false positives here? Would it help for you to have the actual error logs for the request?
@DawoudIO
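As an added example (not code from the issue or from the ChurchCRM project): a small parser for the ModSecurity error-log lines behind warnings like these, grouping the hits per request and turning them into CRS runtime rule exclusions scoped to the one URI and argument that fired, which is the usual alternative to switching the firewall off. The log lines, hostname, URI, argument name `settingValue` and `unique_id` are constructed placeholders, not the reporter's real log.

```python
import re
from collections import defaultdict

# Constructed sample lines in Apache/ModSecurity 2.x error-log format (NOT the reporter's log):
# host, URI, argument name and unique_id are placeholders mirroring the four warnings in the issue.
SAMPLE_LOG = r"""
[Tue Mar 01 10:00:00.000001 2022] [:error] [pid 4242] [client 203.0.113.5:44000] ModSecurity: Warning. Pattern match "(?:^|[\\/])\.\.(?:[\\/]|$)" at ARGS:settingValue. [file "/etc/modsecurity/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [id "930100"] [msg "Path Traversal Attack (/../)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [hostname "crm.example.org"] [uri "/SystemSettings.php"] [unique_id "REQ-PLACEHOLDER-1"]
[Tue Mar 01 10:00:00.000002 2022] [:error] [pid 4242] [client 203.0.113.5:44000] ModSecurity: Warning. Matched phrase "/../" at ARGS:settingValue. [file "/etc/modsecurity/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [id "930110"] [msg "Path Traversal Attack (/../)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [hostname "crm.example.org"] [uri "/SystemSettings.php"] [unique_id "REQ-PLACEHOLDER-1"]
[Tue Mar 01 10:00:00.000003 2022] [:error] [pid 4242] [client 203.0.113.5:44000] ModSecurity: Warning. Pattern match "^(?i:file|ftps?|https?):\/\/(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})" at ARGS:settingValue. [file "/etc/modsecurity/rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf"] [id "931100"] [msg "Possible Remote File Inclusion (RFI) Attack: URL Parameter using IP Address"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [hostname "crm.example.org"] [uri "/SystemSettings.php"] [unique_id "REQ-PLACEHOLDER-1"]
[Tue Mar 01 10:00:00.000004 2022] [:error] [pid 4242] [client 203.0.113.5:44000] ModSecurity: Warning. Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 15)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [hostname "crm.example.org"] [uri "/SystemSettings.php"] [unique_id "REQ-PLACEHOLDER-1"]
"""

FIELD_RE = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')  # every [name "value"] pair
VAR_RE = re.compile(r" at (\S+)\. \[file ")                # variable the rule matched on

def parse_modsec_line(line):
    """Return the bracketed fields of one ModSecurity warning plus 'variable', or None."""
    if "ModSecurity: " not in line:
        return None
    rec = dict(FIELD_RE.findall(line))
    m = VAR_RE.search(line)
    rec["variable"] = m.group(1) if m else ""
    return rec

def group_by_request(log_text):
    """Group warnings by unique_id so every hit for one request is reviewed together."""
    by_req = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_modsec_line(line)
        if rec and "id" in rec:
            by_req[rec.get("unique_id", "?")].append(rec)
    return dict(by_req)

def suggest_exclusions(records, first_id=10000):
    """Emit CRS v3 runtime exclusions limited to the URI and argument that fired.
    The 949xxx blocking rule is skipped: it only reports the summed anomaly score."""
    rules, seen = [], set()
    for rec in records:
        if rec["id"].startswith("949") or not rec["variable"].startswith("ARGS:"):
            continue
        key = (rec["uri"], rec["id"], rec["variable"])
        if key in seen:
            continue
        seen.add(key)
        rules.append(
            f'SecRule REQUEST_URI "@beginsWith {rec["uri"]}" '
            f'"id:{first_id + len(rules)},phase:1,pass,nolog,'
            f'ctl:ruleRemoveTargetById={rec["id"]};{rec["variable"]}"')
    return rules
```

Each generated `SecRule` removes one argument from one CRS rule for one path, so the rest of the rule set keeps inspecting that request; the original four warnings are still worth checking against the actual values posted before any exclusion is deployed.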