諸伺服器:修訂版本之間的差異
出自六年制學程
(→網頁伺服器) |
(→網頁伺服器) |
||
| 第 5 行: | 第 5 行: | ||
#creation4everyteacher.net,educationmaker.net,gogopublic.net,science4everyone.net,quality-learning.net | #creation4everyteacher.net,educationmaker.net,gogopublic.net,science4everyone.net,quality-learning.net | ||
'''全民科學平台的 /s4e/上線活動.php''' 的「代表圖」欄,欄值字首為 http:// 或 https:// 會觸發防火牆,回應 403 Forbidden 禁止讀網頁的動作 | '''全民科學平台的 /s4e/上線活動.php''' 的「代表圖」欄,欄值字首為 http:// 或 https:// 會觸發防火牆,回應 403 Forbidden 禁止讀網頁的動作 | ||
| + | |||
| + | '''解決:''' | ||
| + | #進 https://site:8443 | ||
| + | #「網站與域名 / science4everyone.net / WEB應用程式防火牆」 | ||
| + | #查日誌中的錯誤,查到:[client 114.35.52.233] ModSecurity: [file "/etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf"] [line "179"] [id "33340162"] [rev "294"] [msg "Protected by Atomicorp.com Basic Non-Realtime WAF Rules: URL detected as argument, possible RFI attempt detected"] [data "%TX:1,TX:1"] [severity "CRITICAL"] Access denied with code 403 (phase 2). Match of "beginsWith %{request_headers.host}" against "TX:1" required. [hostname "science4everyone.net"] [uri "/s4e/\\xe4\\xb8\\x8a\\xe7\\xb7\\x9a\\xe6\\xb4\\xbb\\xe5\\x8b\\x95.php"] [unique_id "X2StPx6uRI04gbnBqU41uQAAAEs"]<br/>因 beginsWith %{request_headers.host} 所以 Access denied with code 403,使用過濾規則 id "33340162" | ||
| + | #關閉安全規則的清單中加入 33340162 。 | ||
===資料庫伺服器=== | ===資料庫伺服器=== | ||
2020年9月20日 (日) 10:03的修訂版本
租賃伺服器
網頁伺服器
- 103.118.26.245
- creation4everyteacher.net,educationmaker.net,gogopublic.net,science4everyone.net,quality-learning.net
全民科學平台的 /s4e/上線活動.php 的「代表圖」欄,欄值字首為 http:// 或 https:// 會觸發防火牆,回應 403 Forbidden 禁止讀網頁的動作
解決:
- 進 https://site:8443
- 「網站與域名 / science4everyone.net / WEB應用程式防火牆」
- 查日誌中的錯誤,查到:[client 114.35.52.233] ModSecurity: [file "/etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf"] [line "179"] [id "33340162"] [rev "294"] [msg "Protected by Atomicorp.com Basic Non-Realtime WAF Rules: URL detected as argument, possible RFI attempt detected"] [data "%TX:1,TX:1"] [severity "CRITICAL"] Access denied with code 403 (phase 2). Match of "beginsWith %{request_headers.host}" against "TX:1" required. [hostname "science4everyone.net"] [uri "/s4e/\\xe4\\xb8\\x8a\\xe7\\xb7\\x9a\\xe6\\xb4\\xbb\\xe5\\x8b\\x95.php"] [unique_id "X2StPx6uRI04gbnBqU41uQAAAEs"]
因 beginsWith %{request_headers.host} 所以 Access denied with code 403,使用過濾規則 id "33340162" - 關閉安全規則的清單中加入 33340162 。
資料庫伺服器
- 203.74.201.104
- db01.coowo.com
- 103.118.24.25
- db02.coowo.com
