Ask Your Question

Revision history [back]

Juno dashboard 403 forbidden

Hi All,

I am getting the below message when I am tryiig to access dashboard in chrome/mozilla and IE

You don't have permission to access /dashboard on this server.

This is the error message in /var/log/httpd/error_log

[Thu Jun 25 21:39:06.055152 2015] [:error] [pid 16003] [client 10.176.123.56] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(/\\!?|\\/|[';]--|--[\\s\\r\\n\\v\\f]|(?:--[^-]?-)|([^\\-&])#.?[\\s\\r\\n\\v\\f]|;?\\x00)" at REQUEST_COOKIES:ORA_TAHITI_PREFS. [file "/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "49"] [id "981231"] [rev "2"] [msg "SQL Comment Sequence Detected."] [data "Matched Data: --- found within REQUEST_COOKIES:ORA_TAHITI_PREFS: -0--------------"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.6"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "blrtest37.idc.set.com"] [uri "/favicon.ico"] [unique_id "VYzXaipX8W4mx8MuuRr6hgAAAAI"]

Juno dashboard 403 forbidden

Hi All,

I am getting the below message when I am tryiig to access dashboard in chrome/mozilla and IE

You don't have permission to access /dashboard on this server.

This is the error message in /var/log/httpd/error_log

[Fri Jun 26 04:59:17.121261 2015] [:error] [pid 18030] DeprecationWarning: django.utils.simplejson is deprecated; use json instead. [Fri Jun 26 04:59:17.121388 2015] [:error] [pid 18030] WARNING:py.warnings:DeprecationWarning: django.utils.simplejson is deprecated; use json instead. [Thu Jun 25 21:39:06.055152 21:59:22.196623 2015] [:error] [pid 16003] 18033] [client 10.176.123.56] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(/\\!?|\\/|[';]--|--[\\s\\r\\n\\v\\f]|(?:--[^-]?-)|([^\\-&])#.?[\\s\\r\\n\\v\\f]|;?\\x00)" "^(?i)(?:ht|f)tps?:\\/\\/(\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})" at REQUEST_COOKIES:ORA_TAHITI_PREFS. ARGS:region. [file "/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"] "/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_40_generic_attacks.conf"] [line "49"] "142"] [id "981231"] "950117"] [rev "2"] [msg "SQL Comment Sequence Detected."] "Remote File Inclusion Attack"] [data "Matched Data: --- http://10.177.112.59 found within REQUEST_COOKIES:ORA_TAHITI_PREFS: -0--------------"] ARGS:region: http://10.177.112.59:5000/v2.0"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.6"] [maturity "8"] "9"] [accuracy "8"] "9"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] "OWASP_CRS/WEB_ATTACK/RFI"] [hostname "blrtest37.idc.set.com"] "blrtest37.idc.oracle.com"] [uri "/favicon.ico"] "/dashboard/auth/login/"] [unique_id "VYzXaipX8W4mx8MuuRr6hgAAAAI"]"VYzcKvgCFzOd6SHaohSsrgAAAAE"]

Juno dashboard 403 forbidden

Hi All,

I am getting the below message when I am tryiig to access dashboard in chrome/mozilla and IE

You don't have permission to access /dashboard on this server.

This is the error message in /var/log/httpd/error_log

[Fri Jun 26 04:59:17.121261 2015] [:error] [pid 18030] DeprecationWarning: django.utils.simplejson is deprecated; use json instead. [Fri Jun 26 04:59:17.121388 2015] [:error] [pid 18030] WARNING:py.warnings:DeprecationWarning: django.utils.simplejson is deprecated; use json instead. [Thu Jun 25 21:59:22.196623 2015] [:error] [pid 18033] [client 10.176.123.56] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^(?i)(?:ht|f)tps?:\\/\\/(\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})" at ARGS:region. [file "/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_40_generic_attacks.conf"] [line "142"] [id "950117"] [rev "2"] [msg "Remote File Inclusion Attack"] [data "Matched Data: http://10.177.112.59 found within ARGS:region: http://10.177.112.59:5000/v2.0"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.6"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/WEB_ATTACK/RFI"] [hostname "blrtest37.idc.oracle.com"] "blrtest37.set.com"] [uri "/dashboard/auth/login/"] [unique_id "VYzcKvgCFzOd6SHaohSsrgAAAAE"]