I get 403 errors with my PHP Web Stat script. After a long search I found out that mod_security is the one to blame.
The following url (for example) which is generated gives a 403 error:
Code:http://www.pkndevoorhof.nl/scripts/phpwebstat4/track.php?js_resolution=1366x768&js_referer=http%3A//www.pkndevoorhof.nl/agenda&js_color=24&js_url=http%3A//www.pkndevoorhof.nl/
And a small part of my Apache error log:
Code:[Mon Aug 19 09:24:44 2013] [error] [client 95.97.XX.XXX] mod_security: Access denied with code 403. Pattern match "\\\\.php(3|4|5)?(\\\\?|&).*=(ht|f)tps?:/.*(\\\\?|&)" at REQUEST_URI [id "300018"] [rev "1"] [msg "Generic PHP code injection protection"] [severity "CRITICAL"] [hostname "www.pkndevoorhof.nl"] [uri "/scripts/phpwebstat4/track.php?js_resolution=1366x768&js_referer=http%3A//www.pkndevoorhof.nl/agenda&js_color=24&js_url=http%3A//www.pkndevoorhof.nl/"] [unique_id "UhHIPG1GB9wAAB6Nu1IAAAAA"]
[Mon Aug 19 09:24:46 2013] [error] [client 95.97.XX.XXX] mod_security: Access denied with code 403. Pattern match "\\\\.php(3|4|5)?(\\\\?|&).*=(ht|f)tps?:/.*(\\\\?|&)" at REQUEST_URI [id "300018"] [rev "1"] [msg "Generic PHP code injection protection"] [severity "CRITICAL"] [hostname "www.pkndevoorhof.nl"] [uri "/scripts/phpwebstat4/track.php?js_resolution=1920x1080&js_referer=&js_color=24&js_url=http%3A//www.pkndevoorhof.nl/scripts/phpwebstat4/track.php%3Fjs_resolution%3D1366x768%26js_referer%3Dhttp%253A//www.pkndevoorhof.nl/agenda%26js_color%3D24%26js_url%3Dhttp%253A//www.pkndevoorhof.nl/"] [unique_id "UhHIPm1GB9wAAB6SvOcAAAAD"]
I found out that when I remove the js_referer url, the script works. mod_security blocks urls with an url in it (not if it's the last variable).
Does anybody know a better solution (or workaround) than removing the referer from the script or removing the 'http://' from the referer?
Regards, André