[Modsecurity] Actinic Callback problem

Mike Cardwell modsecurity at blubbernet.com
Tue Apr 4 10:54:08 EDT 2006


Hi,

I have a customer that is using Actinic, along with actinicsecure.com.
During the order process actinicsecure.com does a callback to the server
presumably to send details about the status of the credit card
transaction. Unfortunately mod_security catches the posted data and
blocks it. This happens *every* time. Below is the log entry:

==b0e1cf0c==============================
Request: www.xxxxxxxxxx.co.uk xxx.xxx.xxx.xxx - - [04/Apr/2006:15:29:12
+0100] "POST /cgi-bin/os000001.pl HTTP/1.1" 406 355 "-" "Catalog/1.0" -
"-"
Handler: application/x-suphp-cgi
----------------------------------------
POST /cgi-bin/os000001.pl HTTP/1.1
Connection: close
Host: www.xxxxxxxxxx.co.uk
User-Agent: Catalog/1.0
Content-Length: 3106
Content-Type: application/x-www-form-urlencoded
mod_security-message: Access denied with code 406. Error parsing POST
parameters: Error normalising parameter value: Invalid character
detected [0]
mod_security-action: 406

3106
BLOB=<REMOVED DATA>

HTTP/1.1 406 Not Acceptable
Content-Length: 355
Connection: close
Content-Type: text/html; charset=iso-8859-1
--b0e1cf0c--

I have removed the "<REMOVED DATA>" part from the posted variables as
I'm not sure if it contains sensitive data. It appears to be in binary
format after I decoded it. I don't want to post it to a public mailing
list for obvious reasons.

Has anyone come across this with Actinic before? Anyone have any
suggestions other than turning mod_security off for Actinic
installations? We will be supporting a fair few hundred Actinic
installations shortly...

I'm willing to contact Actinic with the problem and ask them for an
example callback POST that we can use to diagnose the problem if
necessary. I'm not sure how helpful they'll be though as I've never
spoken to them before.

Thanks,
Mike

-- 
Digital photo printing: http://www.fotoserve.com/
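
Added example, not part of the original post and not mod_security code: a Python helper that URL-decodes a captured form body and reports which parameter contains bytes outside an allowed range, giving only positions and byte values so the payload itself need not be shared. Reading the "[0]" in the logged message as the value of the offending byte, the 1-255 default range, and the sample body are all assumptions.

```python
from urllib.parse import unquote_to_bytes

# Constructed sample body, not the real callback data (which the post withholds).
SAMPLE_BODY = b"ORDER=1234&BLOB=%01%02%00abc%00&STATUS=OK+done"


def scan_post_body(body, low=1, high=255):
    """Report parameters whose decoded value has bytes outside [low, high].

    Returns a list of (name, decoded_length, first_offset, first_byte, count)
    tuples. Only positions and byte values are reported, never the data.
    The default range (everything except NUL) is an assumption.
    """
    findings = []
    for pair in body.split(b"&"):
        if not pair:
            continue
        name, _, value = pair.partition(b"=")
        # Form encoding: '+' means space, %XX is a raw byte.
        decoded = unquote_to_bytes(value.replace(b"+", b" "))
        bad = [(i, b) for i, b in enumerate(decoded) if not low <= b <= high]
        if bad:
            label = unquote_to_bytes(name.replace(b"+", b" ")).decode("latin-1")
            findings.append((label, len(decoded), bad[0][0], bad[0][1], len(bad)))
    return findings


if __name__ == "__main__":
    for name, length, offset, byte, count in scan_post_body(SAMPLE_BODY):
        print(f"{name}: {length} bytes decoded, first out-of-range byte "
              f"{byte} at offset {offset}, {count} in total")
```
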

