Kunena 7.0.5 & Kunena 6.4.11 – Security Updates Released

The Kunena team has announce the arrival of Kunena 7.0.5 [K 7.0.5] in stable which is now available for download as a native Joomla extension for J! 5.4.x/6.0.x. This version addresses most of the issues that were discovered in K 6.2 / K 6.3 / K 6.4 and issues discovered during the last development stages of K 7.0.

The Kunena team is also pleased to announce the eleventh version of Kunena 6.4, a native Joomla extension for Joomla! 5.0, 5.1, 5.2, 5.3, 5.4 and 6.0.

Solved [K.5.0.B1] ModSecurity protection is blocking referer=com_kunena

More
10 years 1 month ago - 10 years 1 month ago #174681 by ssh
[K.5.0.B1] ModSecurity protection is blocking referer=com_kunena was created by ssh
I have reported this in the joomla forum
forum.joomla.org/viewtopic.php?f=706&t=923375

I also bring the problem here because the referer=com_kunena

It appears that the ModSecurity was triggered due to pattern match of "el6.x86_64" which is most likely caused due to the phpinfo() information.

The exact error log is the following:
Message: Access denied with code 406 (phase 4). Pattern match "el6.x86_64" at RESPONSE_BODY.
[28/Apr/2016:14:08:21 --0500] VyJfpEWvJ6IADBSQQD0AAAAL 186.7.x.x 57654 69.175.x.x 8081
--34f80242-B--
GET /administrator/index.php?option=com_ajax&group=system&plugin=sendStats&format=raw HTTP/1.0
Referer: example.com/administrator/index.php?option=com_kunena
Host: example.com
Last edit: 10 years 1 month ago by ssh.

Please Log in or Create an account to join the conversation.

More
10 years 1 month ago #174683 by 810
Replied by 810 on topic [K.5.0.B1] ModSecurity protection is blocking referer=com_kunena
try this:
forums.cpanel.net/threads/access-denied-...attern-match.283252/
The following user(s) said Thank You: ssh

Please Log in or Create an account to join the conversation.

More
10 years 1 month ago #174685 by ssh
Replied by ssh on topic [K.5.0.B1] ModSecurity protection is blocking referer=com_kunena
Yes, I agree.
I can solve the problem by installing ConfigServer ModSecurity Control or by disabling ModSecurity.

btw, people using share hosting does not have access to the first option.


in conclusion, is kunena related with this script o not?

Please Log in or Create an account to join the conversation.

More
10 years 1 month ago #174686 by 810
Replied by 810 on topic [K.5.0.B1] ModSecurity protection is blocking referer=com_kunena
mod_security is not a default option, so this is not kunena or joomla related.

mod_security is for static websites.
The following user(s) said Thank You: ssh

Please Log in or Create an account to join the conversation.

Time to create page: 0.265 seconds