Thread: Major Additions - Video Club (YouTUBE, Vimeo, DailyMotion etc)
View Single Post
  #397  
Old 04-19-2017, 04:32 PM
Stratis's Avatar
Stratis Stratis is offline
 
Join Date: Jan 2010
Posts: 738
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by paradoxG(r)eek View Post
As a second thought. That "Forbidden" indicates server error. Can you please check if the file video_usercp.php is CMOD 644 ? If it is (which is the normal), try to change it to 666. Just for testing purposes. If it works then bring it back to 644 and contact your hosting provider.

If it's not 644, then change it to 644
Christos this is the problem,

Code:
ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\biframe\\\\b.*?\\\\bsrc\\\\b" at MATCHED_VAR. [file "/etc/httpd/conf/modsecurity.d/rules/comodo/07_XSS_XSS.conf"] [line "198"] [id "212650"] [rev "3"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||www.xxxxxxxxx.com|F|2"] [data "Matched Data: http:/ found within REQUEST_COOKIES_NAMES:bb_cpsession: <iframe width=\\x22750\\x22 height=\\x22400\\x22 src=\\x22//www.youtube-nocookie.com/embed/xxxxxxxxxx?showinfo=0&rel=0&iv_load_policy=3&modestbranding=1\\x22 frameborder=\\x220\\x22 allowfullscreen></iframe>"] [severity "CRITICAL"] [hostname "www.xxxxxxxxx.com"] [uri "/video_usercp.php"] [unique_id "xxxxxxxxxxxxxxxxxxxx"]
I put the id to my server as security rule and now it works. I do not know if it is ok.
I do not know if the id will change and have problem again, COMODO Firewall sees something that does not like

Thank you for advises
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01390 seconds
  • Memory Usage 1,767KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_code
  • (1)bbcode_quote
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete