This was what I got from Digiweb after my IP address was blocked, but other people are getting the 403 error.
your IP was blocked by mod_security : Chain num pkts bytes target prot opt in out source destination DENYIN 143 1413 123K DROP all -- !lo * 203.173.161.241 0.0.0.0/0 DENYOUT 143 21 1532 DROP all -- * !lo 0.0.0.0/0 203.173.161.241 ip6tables: Chain num pkts bytes target prot opt in out source destination No matches found for 203.173.161.241 in ip6tables csf.deny: 203.173.161.241 # lfd: (mod_security) mod_security triggered by 203.173.161.241 (NZ/New Zealand/UNASSIGNED.static.cust.vf.net.nz): 5 in the last 3600 secs - Wed Sep 11 13:17:01 2013 Here is detailed information: 2013-09-11 13:13:27 203.173.161.241 /pantry/shop/agent_shopping_cart.php HTTP/1.1 www.prenzelpantry.co.nz Access denied with code 403 (phase 2). Match of "rx ((?:/(?:imaclean|massdelete)/)|^/cgi-bin/dada/mail\\.cgi$|^/index\\.php/mageworx/customoptions_options|^/za/)" against "REQUEST_FILENAME" required. [file "/usr/local/apache/conf/modsec_rules/10_asl_rules.conf"] [line "115"] [id "390707"] [rev "6"] [msg "Atomicorp.com UNSUPPORTED DELAYED Rules: Too many arguments in request (max set to 1000, increase as necessary for your system)"] [severity "WARNING"] 403 2013-09-11 13:14:05 203.173.161.241 /pantry/shop/agent_shopping_cart.php HTTP/1.1 www.prenzelpantry.co.nz Access denied with code 403 (phase 2). Match of "rx ((?:/(?:imaclean|massdelete)/)|^/cgi-bin/dada/mail\\.cgi$|^/index\\.php/mageworx/customoptions_options|^/za/)" against "REQUEST_FILENAME" required. [file "/usr/local/apache/conf/modsec_rules/10_asl_rules.conf"] [line "115"] [id "390707"] [rev "6"] [msg "Atomicorp.com UNSUPPORTED DELAYED Rules: Too many arguments in request (max set to 1000, increase as necessary for your system)"] [severity "WARNING"] 403 2013-09-11 13:14:15 203.173.161.241 /pantry/shop/agent_shopping_cart.php HTTP/1.1 www.prenzelpantry.co.nz Access denied with code 403 (phase 2). Match of "rx ((?:/(?:imaclean|massdelete)/)|^/cgi-bin/dada/mail\\.cgi$|^/index\\.php/mageworx/customoptions_options|^/za/)" against "REQUEST_FILENAME" required. [file "/usr/local/apache/conf/modsec_rules/10_asl_rules.conf"] [line "115"] [id "390707"] [rev "6"] [msg "Atomicorp.com UNSUPPORTED DELAYED Rules: Too many arguments in request (max set to 1000, increase as necessary for your system)"] [severity "WARNING"] 403 2013-09-11 13:14:45 203.173.161.241 /pantry/shop/agent_shopping_cart.php HTTP/1.1 www.prenzelpantry.co.nz Access denied with code 403 (phase 2). Match of "rx ((?:/(?:imaclean|massdelete)/)|^/cgi-bin/dada/mail\\.cgi$|^/index\\.php/mageworx/customoptions_options|^/za/)" against "REQUEST_FILENAME" required. [file "/usr/local/apache/conf/modsec_rules/10_asl_rules.conf"] [line "115"] [id "390707"] [rev "6"] [msg "Atomicorp.com UNSUPPORTED DELAYED Rules: Too many arguments in request (max set to 1000, increase as necessary for your system)"] [severity "WARNING"] 403 2013-09-11 13:16:57 203.173.161.241 /pantry/shop/agent_shopping_cart.php HTTP/1.1 www.prenzelpantry.co.nz Access denied with code 403 (phase 2). Match of "rx ((?:/(?:imaclean|massdelete)/)|^/cgi-bin/dada/mail\\.cgi$|^/index\\.php/mageworx/customoptions_options|^/za/)" against "REQUEST_FILENAME" required. [file "/usr/local/apache/conf/modsec_rules/10_asl_rules.conf"] [line "115"] [id "390707"] [rev "6"] [msg "Atomicorp.com UNSUPPORTED DELAYED Rules: Too many arguments in request (max set to 1000, increase as necessary for your system)"] [severity "WARNING"] 403 On Fri, Sep 13, 2013 at 2:03 PM, David Neilsen <[email protected]> wrote: > Also to note in 5.3.9+ there is max_input_vars (defaults to 1000) in the > PHP core > > http://www.php.net/manual/en/info.configuration.php#ini.max-input-vars > > > On Fri, Sep 13, 2013 at 2:00 PM, Jochen Daum <[email protected]> wrote: > >> Hi, >> >> On 13 September 2013 13:53, Olwen Williams <[email protected]> >> wrote: >> > A site I work on has recently had sever changes made including >> something to >> > do with .htaccess >> > >> > The maximum number of arguments has been set to 1000. >> > >> > I use a $_POST variable with 18 fields but 4 of those are arrays win >> 300+ >> > fields. These are triggering mod_security and getting a 403 response. >> > >> > Can anyone point me in the right directions to alter this through >> .htaccess >> > to maybe 4000 arguments? >> >> normally its not mod_security but the suhosin extension, which comes >> with most Debian flavours of PHP installations. See here: >> http://www.hardened-php.net/suhosin/configuration.html >> >> and check if you cam maybe try setting suhosin.post.max_vars to 4000? >> >> Kind Regards, >> >> Jochen >> >> -- >> -- >> NZ PHP Users Group: http://groups.google.com/group/nzphpug >> To post, send email to [email protected] >> To unsubscribe, send email to >> [email protected] >> --- >> You received this message because you are subscribed to the Google Groups >> "NZ PHP Users Group" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> For more options, visit https://groups.google.com/groups/opt_out. >> > > -- > -- > NZ PHP Users Group: http://groups.google.com/group/nzphpug > To post, send email to [email protected] > To unsubscribe, send email to > [email protected] > --- > You received this message because you are subscribed to the Google Groups > "NZ PHP Users Group" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. > -- -- NZ PHP Users Group: http://groups.google.com/group/nzphpug To post, send email to [email protected] To unsubscribe, send email to [email protected] --- You received this message because you are subscribed to the Google Groups "NZ PHP Users Group" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
