Next page leads to an error Accounts, Contacts, Notes, Tasks

Hi all,

Nice new forum, better UI, thanks. I have checked the forum but could not find any similar issue.

I’m still on 7.11.10 :slightly_smiling_face: on CentOS 8.

I have recently discovered an issue when I try to view next pages for Accounts, Contacts, Notes, Tasks. Actually I have imported all records from my old system to these modules.

When I click Accounts (View Accounts) it shows the first page of accounts (20 records). I click the > key to see the next 20 records, and it shows the next 20 records with no problems.

But I see a small visual difference on the next 20 records: all the columns are displayed in bold.

And when I click > again to see the next 20, or < to see the previous 20, I get:

Forbidden

You don’t have permission to access /suitecrm/index.php on this server.

I can hit the Enter key on the URL line and the browser returns to the Dashboard. I have tried other modules and the same happens for Contacts, Notes, Tasks. Each time, once the second 20 records are displayed, clicking any next/previous key results in the above error.

I have also tried clicking the go-to-end button and then previous or go-to-first, and the result is the same.

There is nothing important in the suitecrm log and php error log for the time period that I have tried these.

I suspected the httpd conf, but it is as simple as follows:

    <VirtualHost *:80>
        RewriteEngine On
        RewriteCond %{HTTPS} off
        RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    </VirtualHost>

    <VirtualHost *:443>
        Alias /suitecrm /var/www/html/suitecrm/
        <Directory /var/www/html/suitecrm/>
            AddDefaultCharset UTF-8
            Require all granted
        </Directory>
    </VirtualHost>

Any ideas? Or suggestions for what to check?

Thanks in advance.

Can you try in Admin / Repairs running Rebuild .htaccess?

Sadly I have found the following in /var/log/httpd/error_log

    [Tue Dec 10 10:58:04.692193 2019] [:error] [pid 7113:tid 139801017661184] [client xxx.xxx.xxx.xxx:58186] [client xxx.xxx.xxx.xxx.238] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "57"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "xxxxx.xxxxx.xxx"] [uri "/suitecrm/index.php"] [unique_id "Xe9sLJQDIaRXL486sBgC2wAAAE4"], referer: https://xxxxx.xxxxxx.xxx/suitecrm/index.php

This is due to the httpd ModSecurity module. I tried to disable rule 949110 but could not configure it, so I disabled ModSecurity completely by renaming its .conf file.

Then I restarted httpd and saw that the next pages work.

The only issue is that on the second page all columns are displayed in bold.

Has anyone experienced a similar issue with Apache ModSecurity? Any suggestions for using it with a special configuration?

Nope, even after Rebuild .htaccess the issue is the same.

I can only survive with ModSecurity by adding the following to httpd.conf:

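      # LocationMatch takes a regular expression, so anchor it to the SuiteCRM path
      <LocationMatch "^/suitecrm/">
          <IfModule mod_security2.c>
              # 949110 is the inbound blocking evaluation rule from the error_log entry;
              # removing it stops anomaly-score blocking for every request under this path
              SecRuleRemoveById 949110
          </IfModule>
      </LocationMatch>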

and having all columns in bold on the next pages is still the same.
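An added example, not part of the original thread: rule 949110 in the error_log line quoted above only evaluates the accumulated anomaly score, so a narrower exclusion needs the ids of the rules that added to that score. This Python script groups ModSecurity error_log lines by `unique_id` and lists those rules for each blocked request; the sample lines, rule id 999001, the client address and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in the ModSecurity 2.x error_log layout quoted in the
# thread. Rule id 999001, its message, the client address and the unique_id
# values are placeholders, not real CRS rules or real transactions.
SAMPLE_LOG = """\
[Tue Dec 10 10:58:04.691000 2019] [:error] [pid 7113] [client 192.0.2.10:58186] ModSecurity: Warning. Pattern match "constructed" at ARGS:query. [file "/etc/httpd/modsecurity.d/activated_rules/EXAMPLE.conf"] [line "10"] [id "999001"] [msg "Constructed sample detection"] [severity "CRITICAL"] [uri "/suitecrm/index.php"] [unique_id "SAMPLE-TX-1"]
[Tue Dec 10 10:58:04.692193 2019] [:error] [pid 7113] [client 192.0.2.10:58186] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "57"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [uri "/suitecrm/index.php"] [unique_id "SAMPLE-TX-1"]
[Tue Dec 10 11:02:11.000100 2019] [:error] [pid 7113] [client 192.0.2.10:58190] ModSecurity: Warning. Pattern match "constructed" at ARGS:query. [file "/etc/httpd/modsecurity.d/activated_rules/EXAMPLE.conf"] [line "10"] [id "999001"] [msg "Constructed sample detection"] [severity "NOTICE"] [uri "/suitecrm/index.php"] [unique_id "SAMPLE-TX-2"]
"""

BLOCKING_RULE = "949110"  # blocking evaluation rule id from the thread's log line
FIELD = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')   # [key "value"] metadata
TARGET = re.compile(r' at ([A-Z_]+(?::\S+)?)\.$')       # matched variable, e.g. ARGS:query


def parse_line(line):
    """Return (metadata fields, matched variable) for a ModSecurity line, else None."""
    if "ModSecurity:" not in line:
        return None
    head, _, meta = line.partition(" [file ")
    fields = defaultdict(list)
    for key, value in FIELD.findall("[file " + meta):
        fields[key].append(value)
    match = TARGET.search(head)
    return fields, (match.group(1) if match else None)


def contributors(log_text):
    """Map each blocked unique_id to the rules that logged before 949110 fired."""
    scored, blocked = defaultdict(list), set()
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        fields, target = parsed
        if not fields["id"] or not fields["unique_id"]:
            continue  # not a rule match line
        tx, rule = fields["unique_id"][0], fields["id"][0]
        if rule == BLOCKING_RULE:
            blocked.add(tx)
        else:
            scored[tx].append((rule, target, "".join(fields["msg"][:1])))
    return {tx: scored[tx] for tx in sorted(blocked)}


if __name__ == "__main__":
    for tx, rules in contributors(SAMPLE_LOG).items():
        print(tx, rules)
```

The rule id and matched variable returned for a blocked request are what a targeted exclusion would name, instead of removing 949110 for the whole path.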

I’m sorry but I’m not familiar with ModSecurity to be able to help you… :confused: