+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: CodeIgniter 4 (https://forum.codeigniter.com/forumdisplay.php?fid=28)
+--- Forum: CodeIgniter 4 Support (https://forum.codeigniter.com/forumdisplay.php?fid=30)
+--- Thread: Error Passing 32 Bit Integer in URL (/showthread.php?tid=90574)
Pages:
1
2
RE: Error Passing 32 Bit Integer in URL - cx3700 - 04-06-2024
(04-06-2024, 02:45 PM)kenjis Wrote: https://imgur.com/a/uQnAqbK is not the default CI4 error page.
So, the conclusion is that the web server or Web Application Firewall may be returning a 403.
Check with your service provider's technical support.
Unfortunately it’s AWS and there’s no real support unless you pay for a support plan.
RE: Error Passing 32 Bit Integer in URL - kenjis - 04-06-2024
It seems Plesk error page.
https://talk.plesk.com/threads/server-error-403-forbidden-you-do-not-have-permission-to-access-this-document.360836/
RE: Error Passing 32 Bit Integer in URL - cx3700 - 04-06-2024
It only happens with CodeIgniter though. If I make a basic PHP page with that URL token it works fine ?♂️
RE: Error Passing 32 Bit Integer in URL - kenjis - 04-06-2024
Check your web server's log, and CI4 log.
See https://codeigniter4.github.io/CodeIgniter4/testing/debugging.html#codeigniter-error-logs
RE: Error Passing 32 Bit Integer in URL - cx3700 - 04-06-2024
[client 193.37.254.75] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i: (?:^(-0000023456|-2147483648|-2147483649|0000012345|0000023456|1e309|2147483648|2147483647|2.2.90738585072007e-308|4294967295|4294967296)$))" at ARGS:device. [file "/etc/apache2/modsecurity.d/rules/comodo_free/22_SQL_SQLi.conf"] [line "32"] [id "211680"] [rev "2"] [msg "COMODO WAF: Looking for integer overflow attacks||domain.com|F|2"] [data "Matched Data: 4294967295 found within ARGS:device: 4294967295"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "domain.com"] [uri "/events"] [unique_id "ZhIMy938svLQ5FWml8GGJwAAAAo"]
RE: Error Passing 32 Bit Integer in URL - kenjis - 04-06-2024
That's it. mod_security blocks requests with the Query string.