Page 1 of 1
Mailwatch error 3.0.1.9 upgrade
Posted: 27 Mar 2017 10:35
by adrian.leigh
I am getting the following error trying to login to mailwatch after a 3.0.1.9 upgrade that went through with no issues.
I have tried clearing cache and used another machine and browser.
Forbidden
You don't have permission to access /mailscanner/checklogin.php on this server.
Many thanks,
Re: Mailwatch error 3.0.1.9 upgrade
Posted: 27 Mar 2017 11:34
by shawniverson
Take a look at the error logs in /var/log/httpd and see what is happening when you try to access MailWatch.
This might give us some insight.
Re: Mailwatch error 3.0.1.9 upgrade
Posted: 28 Mar 2017 22:45
by AITCS
Could this possibly be caused by someone attempting to login/hack Mailwatch whilst you are already logged in?
The same error just occurred to me on one server after I'd been working on it for ~10 mins.
The following line came out of error_log:
[Tue Mar 28 09:32:30 2017] [error] [client 93.174.93.136] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "47"] [id "960015"] [rev "1"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/2.2.6"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "
www.baidu.com"]...
Re: Mailwatch error 3.0.1.9 upgrade
Posted: 29 Mar 2017 16:27
by BliXem
Try this:
In mod_security add:
SecRuleRemoveById 950109
SecRuleRemoveByID 981173
SecRuleRemoveByID 981249
and try again.
Re: Mailwatch error 3.0.1.9 upgrade
Posted: 09 Apr 2017 16:39
by shawniverson
This and several other false positives resolved in 3.0.2.0.