PHP image upload gives 403 error

Discussion in 'PHP' started by dopelherz, May 29, 2013.

  1. dopelherz

    dopelherz New Member

    Hi guys!
    Recently I bought and installed LiteSpeed (VPS edition) instead of Apache for my php website, and here is the issue I ran into recently.
    When I try to upload an image with a php script, I get a 403 error.

    In logs I have:

    Code:
    ModSecurity: Access denied with code 403, [Rule: 'ARGS' '(fromCharCode|http-equiv|<.+>|innerHTML|dynsrc|-->)']
     [Msg: XSS attack]2013-05-29 08:29:53.566 [NOTICE] [106.190.249.252:51262-0#mony.com-SSL] Content len: 67683, Request line: 'POST /admin.php?Page=ProductDetails&DepartmentId=30&CategoryId=29&SubCategoryId=&ProductId=305 HTTP/1.1'
    2013-05-29 08:29:53.566 [INFO] [106.190.249.252:51262-0#mony.com-SSL] Cookie len: 287, __g_u=297776609756684_5_1_0_5_1361756638628; __utma=158250417.553219480.1348561748.1367633288.1368407073.57; __utmz=158250417.1357436912.28.2.utmcsr=yandex|utmccn=(organic)|utmcmd=organic|utmctr=%D1%84%D1%83%D0%BA%D0%BE%D0%B8%D0%B4%D0%B0%D0%BD; PHPSESSID=406ef92bd2f641a621ad80f4d1cdec5f
    2013-05-29 08:29:53.566 [INFO] [106.190.249.252:51262-0#mony.com-SSL] abort request..., code: 4 
    Does anybody know what I should do? What is the correct way to go with mod_security?

    Thanks.
    Last edited: May 29, 2013
  2. mistwang

    mistwang LiteSpeed Staff

  3. dopelherz

    dopelherz New Member

    Hi, thanks for your reply.
    My litespeed is configured through the web console.
    Could you please specify, how I should disable those rules.
    Thank you.
  4. NiteWave

    NiteWave Administrator

    admin console->Serer->Request Filter->Request Filtering Rule Set

    please ensure all rules under it are disabled
    or just delete them.
  5. dopelherz

    dopelherz New Member

    Hi,
    I disabled the rules as you said, and now I have this:

  6. NiteWave

    NiteWave Administrator

    the issue may have been fixed in 4.2.3 release.

    please try manually upgrade to 4.2.3 to see if it disappears:

    #/usr/local/lsws/admin/misc/lsup.sh -v 4.2.3
  7. dopelherz

    dopelherz New Member

    hi!
    I upgraded and the issue seem to have been resolved.
    Please tell what are the security implications with all these rules disabled?
    Thank you.
  8. dopelherz

    dopelherz New Member

    Also, there is one little issue with the updated version - it does not reload with the graceful restart option in the web console. Command line reload works fine.
    Thanks.
  9. webizen

    webizen New Member

    all the rules disabled means no mod_security protection.

    you can try force re-install 4.2.3 and see if graceful restart is ok in gui.
  10. HillaryBlake

    HillaryBlake New Member

    Going through above answers, if you still experiencing the issue, please uninstall the current version and try to re-install it. Hope it will work fine.

Share This Page