Best Solution for ModSecurity issue and GoDaddy?

[goatherder]

My store just started having load problems. After clicking on about 5-6 links in my back or front of the store I get message the server wasn't responding. (currently running 1.4.1 version of Prestashop)

 

I went into the error logs at GoDaddy and it shows ModSecurity warnings for my IP and that it blocked access for ajax.php

 

I talked to them and they said they started rolling out new security settings this summer to stop brute force attacks. They said that because the same scripts keep getting called all the time it was a flag for the system.

 

I was told that my only solutions are to find different software or buy a Virtual Server plan that would allow me to customize my own ModSecurity settings.

 

So I am looking for some feedback on what the community here thinks is best or easiest answer.

I am looking at just moving away from GoDaddy as well. I can't easily move from Prestashop, I have over 1500 products in my store.

[BWT]

What hosting plan are you using with them? I have several with no problems all have presta installed. Are you using a linux hosting or windows version?

[goatherder]

I am using Linux deluxe hosting.

Mine was fine until yesterday, then it went bad. They said updates are getting rolled out to their servers and they probably finally got to the one I am on.

[goatherder]

This is the error in the logs

-- ModSecurity: Access denied with connection close (phase 3). Pattern match "block" at TX:evalaction. [file "/web/httpd2/modsecurity.d/activated_rules/modsecurity_gd_07_post_guardian.conf"] [line "19"] [id "10702"] [msg "BLOCKED - Automated Attacks(cached)"]

 

After a few minutes wait it will work again.

Edited August 15, 2013 by goatherder (see edit history)

[benjamin utterback]

Hi goatherder, the best thing you can do is contact GoDaddy, if things just stopped working and they said updates are rolling out, it probably is that.

[goatherder]

I did contact them, their answer is to stop using Prestashop or buy Virtual Server plan.

Edited August 15, 2013 by goatherder (see edit history)

[benjamin utterback]

What was their reasoning for this? PrestaShop stores are installed on thousands of shared servers. Maybe their specifications weren't meant for an Ecommerce store.

[goatherder]

They said that there was an increase in attacks on Wordpress sites recently. To combat this they got more aggressive with the ModSecurity settings. It is looking for Brute Force attacks on sites. So when Prestashop, at least 1.4.1, keeps calling up the same script over and over again it gets flagged. When it gets flagged it blocks connections from that IP for a while.

 

So their answer is new ecommerce software that doesn't act this way or move the site to a Virtual Server so I can manually control the ModSecurity settings myself.

[benjamin utterback]

That is true, but if that is the case then those servers are not Ecommerce ready, as Ecommerce solutions need to have mod_security deactivated.

 

You would need to have this deactivated in order to work, or move to another shared server on GoDaddy if they allow it.

[BWT]

That's BS! The hosting company should be responsible if they make changes that affect your site. Or at the very least give you a heads up before. Because they decide to "Update" and it screws your site up they should be responsible for it! Or at the very least find a way to make it right without you having to take on extra charges! How many hours days weeks months of your time did you but in to build your site configure it, what about your traffic? and all the other efforts you put into creating and managing your site? Will they just say "oh! well" too bad, only solution is to "Buy" a different hosting package that costs more and at that one a much more expensive plan? I would be PIsssssed off with them. What about your loss in revenue from the down site?

[benjamin utterback]

That's BS! The hosting company should be responsible if they make changes that affect your site. Or at the very least give you a heads up before. Because they decide to "Update" and it screws your site up they should be responsible for it! Or at the very least find a way to make it right without you having to take on extra charges! How many hours days weeks months of your time did you but in to build your site configure it, what about your traffic? and all the other efforts you put into creating and managing your site? Will they just say "oh! well" too bad, only solution is to "Buy" a different hosting package that costs more and at that one a much more expensive plan? I would be PIsssssed off with them. What about your loss in revenue from the down site?

 

I agree, that's why our hosting partners, and most other companies will clearly tell you what you need to in order to run an Ecommerce website. It's surprising that the website was working before and "just started having" problems... It just seems like the server configuration was changed and lessened to not handle those type of websites.

[benjamin utterback]

Strange that they want you to go to a vps, there are many PrestaShop stores that are hosted by GoDaddy. I found one right here, http://www.prestashop.com/forums/topic/267731-website-only-shows-up-when-url-is-prestashop/page__pid__1342129?do=findComment&comment=1342129

[El Patron]

reading this, well there is no money in shared, but kudos for godaddy to allow us to run unlimited domains for 79 bucks a year.

 

that being said...

 

simply move from your existing shared hosting to another. If you don't know how then hire someone as it's pretty darned easy and should be cheap to do.

 

the main thing which you most likely don't have now is mod_expires, so find a shared hosting that has mod_expires.

 

Then it is a simple matter to change your domain (assuming also registered on godady) to another hosting.

 

my 3 cents

[Dh42]

Actually, you should be able to contact either inmotion or A2 and the should be able to transfer your whole site for you with no downtime at no charge. I would contact them and ask them about it.

[benjamin utterback]

<div><a href="https://partners.a2hosting.com/solutions.php?id=3682&amp;url=311">A2 Hosting link </a></div>

<div><a href="https://secure1.inmotionhosting.com/cgi-bin/gby/clickthru.cgi?id=prestashop&amp;page=336">InMotion link</a></div>

<div> </div>

<div>They can definitely help you move over to their servers and have this problem solved in no-time. They are also affordable. You should definitely consider it!</div>

[El Patron]

two mod and a Presta Team member vote move...so don't let the godaddy door hit you in the behind on the way out...

[lozal2244]

Hi, same problem here.

 

I called to godaddy and they told me that they enabled the mod_security and that's why the server doesn't accept more than 7 AJAX calls.

 

They wanted to sell me a dedicated server, but I didn't accepted, they have change their services, and they told me that I can obtain a refund of the money.

 

The call duration was about 1 hour.

 

Ah! the response of the technical service, was..." please change the theme of your backoffice" wtf... the backoffice theme is the only that exists....

 

Regards,

Alex