blog documentation FAQ followers forum marketplace services youtube

cant login to 1 of my sites as admin..error

The Jamroom Network » Forum » Ning To Jamroom » Page » cant login to 1 of my sites as admin..error
soaringeagle
@soaringeagle
9 years ago
3,304 posts 
JSON response error: {"notices":[{"type":"error","text":"Form Validation missing - please refresh and try again."}]}

tried 2 browsers
its www.exposetheabuse.com
was able to create a new user validate and be in but logging out then in failed


--
soaringeagle
head dreadhead at dreadlocks site
glider pilot student and member/volunteer coordinator with freedoms wings international soaring for people with disabilities
updated by @soaringeagle: 03/18/15 07:30:13PM
soaringeagle
@soaringeagle
9 years ago
3,304 posts
damn mod security again that was screwing up the upload limit on other site
seems mod security dont like jr it was blocking myswql access


--
soaringeagle
head dreadhead at dreadlocks site
glider pilot student and member/volunteer coordinator with freedoms wings international soaring for people with disabilities
michael
@michael
9 years ago
7,715 posts
you got it sorted? The error reads "Form Validation missing". Form Validation is a key set on the page to make sure that its your server doing the sending of the information and not a hacking attempt sent from another server.

The suggestion says "please refresh and try again" so refresh the page and see if it still happens. If it does, its probably something to do with whatever process is setting the form validation key on the page.
soaringeagle
@soaringeagle
9 years ago
3,304 posts
it happened everytime mod security was reading it as a hacjk atrtack

hesres the output
[Sun Feb 15 17:58:43.960174 2015] [:error] [pid 26970] [client 68.233.224.175] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\b(?:t(?:able_name\\\\b|extpos[^a-zA-Z0-9_]{1,}\\\\()|(?:a(?:ll_objects|tt(?:rel|typ)id)|column_(?:id|name)|mb_users|object_(?:id|(?:nam|typ)e)|pg_(?:attribute|class)|rownum|s(?:ubstr(?:ing){0,1}|ys(?:c(?:at|o(?:lumn|nstraint)s)|dba|ibm|(?:filegroup|o ..." at ARGS_NAMES:user_password. [file "/var/cpanel/cwaf/rules/cwaf_02.conf"] [line "299"] [id "211540"] [msg "COMODO WAF: Blind SQL Injection Attack"] [data "Matched Data: user_password found within ARGS_NAMES:user_password: user_password"] [severity "CRITICAL"] [hostname "www.exposetheabuse.com"] [uri "/core/form_validate/__ajax=1"] [unique_id "VOEko2icPqIAAGlaTK0AAAAT"]



--
soaringeagle
head dreadhead at dreadlocks site
glider pilot student and member/volunteer coordinator with freedoms wings international soaring for people with disabilities

Tags