File Download is blocked due to Modsec CRS rules in FileCloud version 23.242
Original Question or Issue:
After upgrading to the latest version, files in a directory that was previously authorized for download can no longer be downloaded.
Environment:
- Product - FileCloud Server
- Version - 23.242
- Platform - Linux
Steps to Reproduce:
Error or Log Message:
Apache error logs:
[Tue May 20 05:45:49.803000 2025] [:error] [pid 2058107:tid 2058107] [client 10.101.202.2:65025] [client 10.101.202.2] ModSecurity: Warning. Pattern match "\\\\xbc[^\\\\xbe>]*[\\\\xbe>]|<[^\\\\xbe]*\\\\xbe" at ARGS:filepath. [file "/usr/share/modsecurity-crs/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf"] [line "546"] [id "941310"] [msg "US-ASCII Malformed Encoding XSS Filter - Attack Detected"] [data "Matched Data:
Defect or Enhancement Number:
Cause:
This is a known issue related to ModSecurity, which was introduced in the Ubuntu build starting with the FileCloud Server 23.242 release.
We added a security module to Apache (ModSecurity, "modsec"). In Linux packages it can include a set of restrictive rules that can block requests.
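The pattern in the log line above looks for the raw bytes 0xBC and 0xBE, which also occur in the UTF-8 encoding of ordinary non-ASCII characters. The following added example (not FileCloud or CRS code) applies the logged pattern to constructed filepath values to show how a benign path can match; it assumes the argument reaches the rule as UTF-8 bytes and does not model the rule's transformations or any further conditions.

```python
import re

# Pattern from the logged 941310 match, with the error log's extra
# backslash escaping removed. It is applied to bytes, not to text.
RULE_941310 = re.compile(rb"\xbc[^\xbe>]*[\xbe>]|<[^\xbe]*\xbe")


def check_filepath(filepath: str):
    """Return (matched_bytes, offset) if the UTF-8 bytes of filepath hit
    the pattern, else None. Rule transformations are not modelled."""
    raw = filepath.encode("utf-8")
    m = RULE_941310.search(raw)
    return (m.group(0), m.start()) if m else None


def culprits(filepath: str):
    """List characters whose UTF-8 encoding contains 0xBC or 0xBE."""
    return [(ch, ch.encode("utf-8").hex(" ")) for ch in filepath
            if {0xBC, 0xBE} & set(ch.encode("utf-8"))]


# Constructed sample values for ARGS:filepath (not from a real system).
SAMPLES = [
    "/projects/reports/q1.pdf",                # ASCII only
    "/projects/M\u00fcller/notes.txt",         # u-umlaut = c3 bc, no later be or '>'
    "/projects/M\u00fcller/\u00be-scale.dwg",  # c3 bc ... then 3/4 sign = c2 be
    "/projects/\u30c7\u30fc\u30bf\u4f8b.csv",  # U+30FC = e3 83 bc ... U+4F8B = e4 be 8b
]

if __name__ == "__main__":
    for path in SAMPLES:
        hit = check_filepath(path)
        verdict = "MATCH" if hit else "clean"
        print(f"{verdict:5}  {path}")
        if hit:
            print(f"       bytes {hit[0].hex(' ')} at offset {hit[1]}")
            print(f"       from  {culprits(path)}")
```

Running the same check over the filepath values from blocked requests in the Apache error log shows whether the blocks come from characters like these or from something else.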
Resolution or Workaround:
Turn off SecRuleEngine with the following steps. This setting disables ModSecurity rule processing as a whole, not only rule 941310.
- Open the Apache configuration file, look for SecRuleEngine, and change the value from On to Off:
vi /etc/apache2/apache2.conf
SecRuleEngine Off
- Restart the Apache service:
service apache2 restart
Notes:
An improvement to address this behavior is planned and will be included in the upcoming 23.251 release.
Internal Development ticket ID: FCL-1237