Da li se tko susretao sa problemom da mu mod_security zabrani pristup vlastitiom serveru i kako ga je rješio (osim isključivanja mod_security)?
Radi se o tome da nakon desetak klikova u Open Cart-u moj IP biva bannan sa cijelog servera.
[Sun Feb 12 11:39:23 2012] [error] [client 89.164.123.133] ModSecurity: Access denied with code 406 (phase 2). Pattern match "(?:\\\\b(?:(?:type\\\\b\\\\W*?\\\\b(?:text\\\\b\\\\W*?\\\\b(?:j(?:ava)?|ecma|vb)|application\\\\b\\\\W*?\\\\bx-(?:java|vb))script|c(?:opyparentfolder|reatetextrange)|get(?:special|parent)folder|iframe\\\\b.{0,100}?\\\\bsrc)\\\\b|on(?:(?:mo(?:use(?:o(?:ver|ut)|down|move|up)|ve)| ..." at REQUEST_FILENAME. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "120"] [id "950004"] [msg "Cross-site Scripting (XSS) Attack"] [data ".cookie"] [severity "CRITICAL"] [tag "WEB_ATTACK/XSS"] [hostname "mojopencart.hr"] [uri "/catalog/view/javascript/jquery/ui/external/jquery.cookie.js"] [unique_id "TzeIyy4EZIUAAAki0y4AAAAW"]
Dakle prepoznaje XSS napad u ovoj jquery.cookie.js ?!