Announcement

Collapse
No announcement yet.

Struggling to understand immunify360 ModSecurity error message in webserver logs

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Struggling to understand immunify360 ModSecurity error message in webserver logs

    I've noticed that a WordPress site is getting Immunify360 / ModSecurity warnings logged, but am struggling to work out whether this is an issue or not. The page is working correctly. The code is running when a photo is uploaded to the application. It looks like it is only a wardning

    Could someone possibly advise please?

    The (anonymised) logged error / warning is:
    [client 12.34.56.89] ModSecurity: Warning. Match of "rx ^$" against "FILEShoto" required. [file "/etc/apache2/modsecurity.d/rules/custom/014_i360_filescan.conf"] [line "44"] [id "77317957"] [msg "IM360 WAF: Track file upload||MV:UploadedImage.jpg||Size:382308||User:ap plicationuser||SC:/var/www/vhosts/example.com/sub.example.com/index.php||WPU:User Account||T:APACHE||"] [severity "NOTICE"] [tag "service_im360"] [tag "noshow"] [hostname "example.com"] [uri "/index.php"] [unique_id "ZZqAfw6_Mla7gpk-MJeShAAAAAg"], referer: https://example.com/update/?cmd=1&ID=ABC/12

    The server is Ubuntu 22.04 running Apache & Nginx on a Plesk Obsidian (v18.0.57 Update #5) environment with the Imunify360 extension (v7.6.0-1).

  • #2
    Hi Alex,

    The log provided indicates no issues. To verify it, you can find the severity level "NOTICE" and the tag "noshow" – such events are serving and logged for monitoring/informational purposes only.

    You can find more explanation here:
    Therefore, you can safely ignore this log (:

    Comment

    Working...
    X