Hello Jommla! Commmunity:
Last week our hosting company tightened security of their servers due to a worldwide bot issue. Since then, we have witnessed many mod_security items being triggered upon saving documents with images, saving in components, etc. The general error goes to a 404 (see sample php below). Our hosting company has gone through serveral of our sites and white-listed mods. In one case, 10 of them. This is not ideal. We have done whitelisting on 3 of our 30 sites so far. This is also time consuming determining which mod is tripping.
Today, they white-listed 2, 941100 and 941160
Both are there to protect against XSS attacks.
Thank you for any guidance.
Channing
Sample site
Joomla! 4.4.6
PHP: 8.1
Apache
Sample of the error
2024-08-16T18:10:15+00:00CRITICAL 149.106.104.144errorUncaught Throwable of type Joomla\CMS\Router\Exception\RouteNotFoundException thrown with message "Page not found". Stack trace: #0 [ROOT]/libraries/src/Application/SiteApplication.php(746): Joomla\CMS\Router\Router->parse(Object(Joomla\CMS\Uri\Uri), true)
#1 [ROOT]/libraries/src/Application/SiteApplication.php(232): Joomla\CMS\Application\SiteApplication->route()
#2 [ROOT]/libraries/src/Application/CMSApplication.php(293): Joomla\CMS\Application\SiteApplication->doExecute()
#3 [ROOT]/includes/app.php(61): Joomla\CMS\Application\CMSApplication->execute()
#4 [ROOT]/index.php(32): require_once('/home/fullcirc/...')
#5 {main}
Last week our hosting company tightened security of their servers due to a worldwide bot issue. Since then, we have witnessed many mod_security items being triggered upon saving documents with images, saving in components, etc. The general error goes to a 404 (see sample php below). Our hosting company has gone through serveral of our sites and white-listed mods. In one case, 10 of them. This is not ideal. We have done whitelisting on 3 of our 30 sites so far. This is also time consuming determining which mod is tripping.
Today, they white-listed 2, 941100 and 941160
Both are there to protect against XSS attacks.
Thank you for any guidance.
Channing
Sample site
Joomla! 4.4.6
PHP: 8.1
Apache
Sample of the error
2024-08-16T18:10:15+00:00CRITICAL 149.106.104.144errorUncaught Throwable of type Joomla\CMS\Router\Exception\RouteNotFoundException thrown with message "Page not found". Stack trace: #0 [ROOT]/libraries/src/Application/SiteApplication.php(746): Joomla\CMS\Router\Router->parse(Object(Joomla\CMS\Uri\Uri), true)
#1 [ROOT]/libraries/src/Application/SiteApplication.php(232): Joomla\CMS\Application\SiteApplication->route()
#2 [ROOT]/libraries/src/Application/CMSApplication.php(293): Joomla\CMS\Application\SiteApplication->doExecute()
#3 [ROOT]/includes/app.php(61): Joomla\CMS\Application\CMSApplication->execute()
#4 [ROOT]/index.php(32): require_once('/home/fullcirc/...')
#5 {main}
Statistics: Posted by channingb — Fri Aug 16, 2024 6:18 pm