Hi Andy, Yes I added it above the eval() function without replacing anything. I haven't tried this method yet though to see if it works, just wanted to be clear where you wanted it placed.
As for the test.cgi error, I am see this in my apache logs:
And this in my modsec_audit_log file:
Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client 85.214.44.193] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\\\\\'\\\\\\\\w+?=)?\\\\\\\\(\\\\\\\\)\\\\\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "80"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)||71.19.244.107|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "71.19.244.107"] [uri "/cgi-bin/test.cgi"] [unique_id "X9-HwB9cqlh40TFzr5nfZAAAAMY"]
It seems a modsecurity rule is blocking the request for the test.cgi.
Tried whitelisting rule id#221260 for the domain but that didn't work.
I am going to try modifying the files necessary to install the antibot and captcha plugins again to see if it will work. Think I'll install one at a time and verify before installing the other one.
Basshook
As for the test.cgi error, I am see this in my apache logs:
Quote:
[Wed Apr 21 09:48:21.063402 2021] [cgid:error] [pid 24419:tid 47552762627840] [client 70.67.143.193:53358] End of script output before headers: test.cgiAnd this in my modsec_audit_log file:
Quote:
GET //cgi-bin/test.cgi HTTP/1.1 Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client 85.214.44.193] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\\\\\'\\\\\\\\w+?=)?\\\\\\\\(\\\\\\\\)\\\\\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "80"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)||71.19.244.107|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "71.19.244.107"] [uri "/cgi-bin/test.cgi"] [unique_id "X9-HwB9cqlh40TFzr5nfZAAAAMY"]
It seems a modsecurity rule is blocking the request for the test.cgi.
Tried whitelisting rule id#221260 for the domain but that didn't work.
I am going to try modifying the files necessary to install the antibot and captcha plugins again to see if it will work. Think I'll install one at a time and verify before installing the other one.
Basshook