Closed koehn closed 8 years ago
Quoting https://www.atomicorp.com/wiki/index.php/WAF_309925
This rules detects suspicious user agent strings. Specifically, it will detect if a user-agent strings ends with ";)". This is not a pattern used by any browser (Safari, IE, Mozilla, Opera, etc.) or web library. Known browsers and web libraries, when they use the ";" character will use it outside the parentheses, for example using the pattern ");".
Oh comon, what year is this, 1995 :D? Seriously what in the fucking fucks
Ok, as of today we officially are Chrome 50
You can update to 8.7.1, which contains the fix ;)
Thanks for the fast fix!
IMPORTANT
Read and tick the following checkbox after you have created the issue or place an x inside the brackets ;)
Explain the Problem
What problem did you encounter? Upgraded to 8.7 and got a nastygram from my hosting provider, who in turn got it from a blog:
Category: abuse Report-Type: login-attack Service: mod_security User-Agent: csf v8.21 Date: 2016-04-18T22:16:26+0200 Source: [meh] Source-Type: ipv4 Attachment: text/plain Schema-URL: https://download.configserver.com/abuse_login-attack_0.2.json
[Mon Apr 18 22:16:12 2016] [error] [client 74.91.25.210] ModSecurity: Access denied with code 403 (phase 2). Match of "rx (Qualidator.com|ExaleadCloudView|^Mozilla/4.0 (compatible;)$|UTVDriveBot|Add Catalog|^Appcelerator)" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec/20_asl_useragents.conf"] [line "348"] [id "309925"] [rev "6"] [msg "Atomicorp.com WAF Rules: Suspicious User-Agent, parenthesis closed with a semicolon ownCloud News/8.7.0 (+https://owncloud.org/; 1 subscriber;)"] [severity "CRITICAL"] [hostname "algorithmsforthekitchen.com"] [uri "/blog/"] [unique_id "VxVAjF6NFQwADntZVFIAAAMJ"]
It appears the User-Agent isn't loved.
Steps to Reproduce
Explain what you did to encounter the issue
System Information
Contents of owncloud/data/owncloud.log
Contents of Browser Error Console
Read http://ggnome.com/wiki/Using_The_Browser_Error_Console if you are unsure what to put here