mod security and 2CO

Forum Moderators: phranque

Message Too Old, No Replies

mod security and 2CO

nimonogi

6:17 am on Sep 23, 2011 (gmt 0)

Hello,

I'm trying to use 2Checkout's callbacks (INS) to update my script on successful payments etc.
However, seems that mod_security on my server blocks 2CO with a 403 forbidden error.

I have try to add the following to mod_security in WHM/cPanel:

SecFilterSelective HTTP_User-Agent "2Checkout\.com-purchase libwww-perl\/5\.800" allow

but i'm getting this error:

Graceful restart requested, doing restart
Syntax error on line 2 of /usr/local/apache/conf/modsec2.user.conf:
Invalid command 'SecFilterSelective', perhaps misspelled or defined by a module not included in the server configuration.

Can you please help to create a filter that allows 2checkout's callbacks to update my script.

Thanks a lot.

lucy24

6:37 am on Sep 23, 2011 (gmt 0)

Did you remember

SecFilterEngine On

?

(Sorry. Someone has to ask the stupid questions.)

:: returning from further search ::

Oh. It's third-party. I'm not touching those with a barge pole ;)

nimonogi

7:42 am on Sep 23, 2011 (gmt 0)

Please note that disabling mod_security from .htaccess is not allowed. I would prefer a server-wide solution.

Frank_Rizzo

7:14 pm on Sep 23, 2011 (gmt 0)

If you are really stuck, and want a quick solution whilst you work out the proper solution, just rem out the rule which is triggering and restart apache.

Look at the log file for the file name and the rule ID. Edit the filename and place a # infront of the rule. Note that you may need to do this for all wrapped lines.