ModSecurity macht Probleme?

S

Shorty

Registered User
Hallo,
wie es aussieht macht der ModSecurity bei einer wevseite Probleme,ich weiss leider nicht was es ist und wie ich es beheben kann?

Fehler

Server Error​


403

Forbidden​

error_log
Code: 
[Sun Aug 17 18:59:32.658190 2025] [security2:error] [pid 1438:tid 1438] [client 95.223.21.186:0] ModSecurity: Access denied with code 403 (phase 4). Pattern match "<b>Warning</b>.{0,100}?:.{0,1000}?\\\\bon line\\\\b" at RESPONSE_BODY. [file "/etc/apache2/modsecurity.d/rules/comodo_free/16_Outgoing_FilterPHP.conf"] [line "14"] [id "214420"] [rev "1"] [msg "COMODO WAF: PHP Information Leakage||test.have-fun-community.eu|F|3"] [data "Matched Data: <b>Warning</b>:  Use of undefined constant kat_cut - assumed 'kat_cut' (this will throw an Error in a future version of PHP) in <b>/var/www/vhosts/have-fun-community.eu/test.have-fun-community.eu/acp/lib/functions.php(365) : eval()'d code</b> on line found within RESPONSE_BODY: <br />\\x0a<b>Warning</b>:  Use of undefined constant kat_cut - assumed 'kat_cut' (this will throw an Error in a future version of PHP) in <b>/var/www/vhosts/have-fun-community.eu/test.have-fun-community.eu/acp/lib/fu..."] [severity "ERROR"] [tag "CWAF"] [tag "FilterPHP"] [hostname "test.have-fun-community.eu"] [uri "/index.php"] [unique_id "aKIKdGG8BFAH9H0nuV_LKAAAAAM"]
[Sun Aug 17 18:59:32.659296 2025] [security2:error] [pid 1438:tid 1438] [client 95.223.21.186:0] ModSecurity: Warning. Operator GE matched 4 at TX:outgoing_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "38"] [id "214940"] [rev "2"] [msg "COMODO WAF: Outbound Points Exceeded| Total Points: 4|test.have-fun-community.eu|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "test.have-fun-community.eu"] [uri "/error_docs/forbidden.html"] [unique_id "aKIKdGG8BFAH9H0nuV_LKAAAAAM"]
 
Last edited by a moderator:
Shorty said:
error_log
[Sun Aug 17 18:59:32.658190 2025] [security2:error] [pid 1438:tid 1438] [client 95.223.21.186:0] ModSecurity: Access denied with code 403 (phase 4). Pattern match "<b>Warning</b>.{0,100}?:.{0,1000}?\\\\bon line\\\\b" at RESPONSE_BODY. [file "/etc/apache2/modsecurity.d/rules/comodo_free/16_Outgoing_FilterPHP.conf"] [line "14"] [id "214420"] [rev "1"] [msg "COMODO WAF: PHP Information Leakage||test.have-fun-community.eu|F|3"] [data "Matched Data: <b>Warning</b>: Use of undefined constant kat_cut - assumed 'kat_cut' (this will throw an Error in a future version of PHP) in <b>/var/www/vhosts/have-fun-community.eu/test.have-fun-community.eu/acp/lib/functions.php(365) : eval()'d code</b> on line found within RESPONSE_BODY: <br />\\x0a<b>Warning</b>: Use of undefined constant kat_cut - assumed 'kat_cut' (this will throw an Error in a future version of PHP) in <b>/var/www/vhosts/have-fun-community.eu/test.have-fun-community.eu/acp/lib/fu..."] [severity "ERROR"] [tag "CWAF"] [tag "FilterPHP"] [hostname "test.have-fun-community.eu"] [uri "/index.php"] [unique_id "aKIKdGG8BFAH9H0nuV_LKAAAAAM"]
[Sun Aug 17 18:59:32.659296 2025] [security2:error] [pid 1438:tid 1438] [client 95.223.21.186:0] ModSecurity: Warning. Operator GE matched 4 at TX:outgoing_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "38"] [id "214940"] [rev "2"] [msg "COMODO WAF: Outbound Points Exceeded| Total Points: 4|test.have-fun-community.eu|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "test.have-fun-community.eu"] [uri "/error_docs/forbidden.html"] [unique_id "aKIKdGG8BFAH9H0nuV_LKAAAAAM"]
Click to expand...
Und du glaubst jetzt allen Ernstes, daß wir uns diese unfomatierte Ansammlung von Zeichen auseinandernehmen und analysieren...???:rolleyes:
 
was heist Formatieren,wie mache ich das?

Das Use of undefined constant kat_cut - assumed 'kat_cut' habe ich behoben

Sollte nur um diesen Teil gehen
Code: 
[Sun Aug 17 18:59:32.659296 2025] [security2:error] [pid 1438:tid 1438] [client 95.223.21.186:0] ModSecurity: Warning. Operator GE matched 4 at TX:outgoing_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "38"] [id "214940"] [rev "2"] [msg "COMODO WAF: Outbound Points Exceeded| Total Points: 4|test.have-fun-community.eu|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "test.have-fun-community.eu"] [uri "/error_docs/forbidden.html"] [unique_id "aKIKdGG8BFAH9H0nuV_LKAAAAAM"]
 
Last edited by a moderator:
Burning Board 2.3.6? Wird diese etwas ältere Version noch unterstützt?
nexus said:
Und du glaubst jetzt allen Ernstes, daß wir uns diese unfomatierte Ansammlung von Zeichen auseinandernehmen und analysieren...???:rolleyes:
Click to expand...
Ich habe das mal angepasst.
 
Burning Board 2.3.6? Kenne mich nicht aus aber wird diese Version noch unterstützt? Welche PHP Version funktioniert damit noch?
 
Shorty said:
Das Use of undefined constant kat_cut - assumed 'kat_cut' habe ich behoben

Sollte nur um diesen Teil gehen
Click to expand...
Das ist aber immer noch die Fehlermeldung aus dem Startpost.
Wenn du das Problem mit der Variable behoben hast, was steht denn jetzt im Error Log?
 
Code: 
[Sun Aug 17 19:55:47.609997 2025] [security2:error] [pid 19177:tid 19177] [client 95.223.21.186:0] ModSecurity: Access denied with code 403 (phase 4). Pattern match "<b>Warning</b>.{0,100}?:.{0,1000}?\\\\bon line\\\\b" at RESPONSE_BODY. [file "/etc/apache2/modsecurity.d/rules/comodo_free/16_Outgoing_FilterPHP.conf"] [line "14"] [id "214420"] [rev "1"] [msg "COMODO WAF: PHP Information Leakage||test.have-fun-community.eu|F|3"] [data "Matched Data: <b>Warning</b>:  Use of undefined constant kat_cut - assumed 'kat_cut' (this will throw an Error in a future version of PHP) in <b>/var/www/vhosts/have-fun-community.eu/test.have-fun-community.eu/acp/lib/functions.php(365) : eval()'d code</b> on line found within RESPONSE_BODY: <br />\\x0a<b>Warning</b>:  Use of undefined constant kat_cut - assumed 'kat_cut' (this will throw an Error in a future version of PHP) in <b>/var/www/vhosts/have-fun-community.eu/test.have-fun-community.eu/acp/lib/fu..."] [severity "ERROR"] [tag "CWAF"] [tag "FilterPHP"] [hostname "test.have-fun-community.eu"] [uri "/index.php"] [unique_id "aKIXo-ExKowXEPTdOGUwQwAAAAA"], referer: https://test.have-fun-community.eu/?stylechange=true&url=/&styleid=11

[Sun Aug 17 19:55:47.610844 2025] [security2:error] [pid 19177:tid 19177] [client 95.223.21.186:0] ModSecurity: Warning. Operator GE matched 4 at TX:outgoing_points. [file "/etc/apache2/modsecurity.d/rules/comodo_free/20_Outgoing_FiltersEnd.conf"] [line "38"] [id "214940"] [rev "2"] [msg "COMODO WAF: Outbound Points Exceeded| Total Points: 4|test.have-fun-community.eu|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "FiltersEnd"] [hostname "test.have-fun-community.eu"] [uri "/error_docs/forbidden.html"] [unique_id "aKIXo-ExKowXEPTdOGUwQwAAAAA"], referer: https://test.have-fun-community.eu/?stylechange=true&url=/&styleid=11
Leider weiss ich immer noch nicht wie ich das Formatieren muss.
 
Last edited by a moderator:
Das Problem liegt nicht in der WAF, sondern in deinem PHP-Code. Solange PHP-Warnings/Notices nach außen gelangen, wird ModSecurity sie blocken.
Irgendwo in deinem Script wird kat_cut nicht korrekt angesprochen/ist nicht korrekt definiert, deswegen gibt es die Warnung und die WAF schlägt zu.


BTW:
Ich hab zwar nicht viel Ahnung vom Coden...Aber zumindest weiß ich, daß die Verwendung von eval() nicht die beste Idee sein soll...
 
You must log in or register to reply here.
Back
Top