Hallo
Ich habe ein Problem mit Shopware 6.4.0.0.
Wenn sich ein User sich Registiert und in sein Account geht dann wird von mein RootServer die IP Adresse gesperrt.
Ich bekomme diese Meldung in meiner Log datei
–fb462a76-A–
[02/Jun/2021:15:06:32 +0200] YLeCWMLzIgRHCBefflGk2AAAAAE 00.000.000.000 34678 111.111.111.111 7081
–fb462a76-B–
GET /favicon.ico HTTP/1.0
Host: meinedomain.de
X-Real-IP: 00.000.000.000
X-Accel-Internal: /internal-nginx-static-location
Connection: close
sec-ch-ua: " Not A;Brand";v=„99“, „Chromium“;v=„90“, „Google Chrome“;v=„90“
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://meinedomain.de/
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7
cookie: timezone=Europe/Berlin; csrf[frontend.form.contact.send]=UNBeTuLESrdqS1HuQj7Kjf0cD8j_S4pGw8-RKMtRwvk; csrf[frontend.detail.switch]=jDsf2W91lp5RQu6zB9NC0H1Em-MemsaQdFFwmXeK2h8; cookie-preference=1; csrf[frontend.store-api.proxy]=VYi1VAnmKDliEl19kmeqvVTe3BN1xBpFRZpEBwtbV4o; csrf[frontend.account.login]=QzUXL7cbKsYP4TfMKOmIUg1o1ROJZJuO9m2i0c4zl6Q; csrf[frontend.account.register.save]=KWvkGcMuwwy0UTZNHW0Mu1ddIMaV7-9V0NXAn2gDZ_o; session-=jgaq2520sul4ltku8pt2lkmbsr; sw-states=logged-in; sw-cache-hash=799cf1aa462ce93cc83ed12848e6c0ba; csrf[frontend.account.profile.save]=XuqUOCiHgrE57cV60-S449eIFaX1Sa5z-yopE8wkbAc; csrf[frontend.account.profile.email.save]=WGMFOUGCIR1K89TzmGSqfeKmHK86RPMqYpeQycpZ_CA; csrf[frontend.account.profile.password.save]=brJ3xkTSY9QSaorZRz6r8nsI6EujJWzzETmtSNnzQnU–fb462a76-F–
HTTP/1.1 403 Forbidden
Last-Modified: Wed, 02 Sep 2015 16:09:14 GMT
ETag: „408-51ec5e3469e80“
Accept-Ranges: bytes
Content-Length: 1032
Connection: close
Content-Type: text/html–fb462a76-H–
Message: Access denied with code 403 (phase 2). Matched phrase „.profile“ at REQUEST_COOKIES_NAMES:csrf[frontend.account.profile.save]. [file „/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf“] [line „57“] [id „210580“] [rev „2“] [msg „COMODO WAF: OS File Access Attempt||meinedomain.de|F|2“] [data „Matched Data: .profile found within REQUEST_COOKIES_NAMES:csrf[frontend.account.profile.save]: csrf[frontend.account.profile.save]“] [severity „CRITICAL“] [tag „CWAF“] [tag „Other“]
Apache-Error: [file „apache2_util.c“] [line 271] [level 3] [client 00.000.000.000] ModSecurity: Access denied with code 403 (phase 2). Matched phrase „.profile“ at REQUEST_COOKIES_NAMES:csrf[frontend.account.profile.save]. [file „/etc/apache2/modsecurity.d/rules/comodo_free/08_Global_Other.conf“] [line „57“] [id „210580“] [rev „2“] [msg „COMODO WAF: OS File Access Attempt||meinedomain.de|F|2“] [data „Matched Data: .profile found within REQUEST_COOKIES_NAMES:csrf[frontend.account.profile.save]: csrf[frontend.account.profile.save]“] [severity „CRITICAL“] [tag „CWAF“] [tag „Other“] [hostname „meinedomain.de“] [uri „/favicon.ico“] [unique_id „YLeCWMLzIgRHCBefflGk2AAAAAE“]
Action: Intercepted (phase 2)
Stopwatch: 1622639192788719 7146 (- - -)
Stopwatch2: 1622639192788719 7146; combined=4612, p1=676, p2=3824, p3=0, p4=0, p5=112, sr=121, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.3 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: „ENABLED“
Ich hoffe es kann mir jemand helfen.
Gruß
Mattes