Forbidden
You don't have permission to access /pages/doeditpage.action on this server.
2015:11:02-19:40:43 utm reverseproxy: [Mon Nov 02 19:40:43.910310 2015] [security2:error] [pid 6921:tid 3988700016] [client A.A.A.198] ModSecurity: Rule a3c0550 [id "950018"][file "/usr/apache/conf/waf/modsecurity_crs_generic_attacks.conf"][line "93"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "confluence.C.C"] [uri "/pages/doeditpage.action"] [unique_id "VjeuK9lkAPIAABsJ0D4AAAAR"]
2015:11:02-19:40:43 utm reverseproxy: id="0299" srcip="A.A.A.198" localip="B.B.B.243" size="37228" user="-" host="A.A.A.198" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="227768" url="/rest/documentConversion/latest/conversion/thumbnail/3899527/1" server="confluence.C.C" referer="confluence.C.C/.../editpage.action
2015:11:02-19:40:43 utm reverseproxy: id="0299" srcip="A.A.A.198" localip="B.B.B.243" size="36968" user="-" host="A.A.A.198" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="228876" url="/rest/documentConversion/latest/conversion/thumbnail/3899525/1" server="confluence.C.C" referer="confluence.C.C/.../editpage.action
2015:11:02-19:40:43 utm reverseproxy: [Mon Nov 02 19:40:43.927002 2015] [security2:error] [pid 6921:tid 3988700016] [client A.A.A.198] ModSecurity: Warning. Pattern match "(?i[[[[[[[[[[[:(]]]]]]]]]]][\\s'\"`\xc2\xb4\xe2\x80\x99\xe2\x80\x98\\(\\)]*?)([\\d\\w]++)([\\s'\"`\xc2\xb4\xe2\x80\x99\xe2\x80\x98\\(\\)]*?)(?[[[[[[[[[[[:(]]]]]]]]]]]?:=||r?like|sounds\\s+like|regexp)([\\s'\"`\xc2\xb4\xe2\x80\x99\xe2\x80\x98\\(\\)]*?)\\2|(?:!=|=|<>||\\^|is\\s+not|not\\ ..." at ARGS:wysiwygContent. [file "/usr/apache/conf/waf/modsecurity_crs_sql_injection_attacks.conf"] [line "77"] [id "950901"] [rev "2"] [msg "SQL Injection Attack: SQL Tautology Detected."] [data "Matched Data: t=\x22t found within ARGS:wysiwygContent:
Recent space activ..."] [severity "CRITICAL"] [ver "OWAS [hostname "confluence.C.C"] [uri "/pages/doeditpage.action"] [unique_id "VjeuK9lkAPIAABsJ0D4AAAAR"]
2015:11:02-19:40:43 utm reverseproxy: [Mon Nov 02 19:40:43.927684 2015] [security2:error] [pid 6921:tid 3988700016] [client A.A.A.198] ModSecurity: Warning. Pattern match "(?i[[[[[[[[[[[:(]]]]]]]]]]][\\s'\"`\xc2\xb4\xe2\x80\x99\xe2\x80\x98\\(\\)]*?)([\\d\\w]++)([\\s'\"`\xc2\xb4\xe2\x80\x99\xe2\x80\x98\\(\\)]*?)(?[[[[[[[[[[[:(]]]]]]]]]]]?:=||r?like|sounds\\s+like|regexp)([\\s'\"`\xc2\xb4\xe2\x80\x99\xe2\x80\x98\\(\\)]*?)\\2|(?:!=|=|<>||\\^|is\\s+not|not\\ ..." at ARGS:wysiwygContent. [file "/usr/apache/conf/waf/modsecurity_crs_sql_injection_attacks.conf"] [line "77"] [id "950901"] [rev "2"] [msg "SQL Injection Attack: SQL Tautology Detected."] [data "Matched Data: t=\x22t found within ARGS:wysiwygContent:
Recent space activ..."] [severity "CRITICAL"] [ver "OWAS [hostname "confluence.C.C"] [uri "/pages/doeditpage.action"] [unique_id "VjeuK9lkAPIAABsJ0D4AAAAR"]
2015:11:02-19:40:43 utm reverseproxy: [Mon Nov 02 19:40:43.928359 2015] [security2:error] [pid 6921:tid 3988700016] [client A.A.A.198] ModSecurity: Warning. Pattern match "(?i[[[[[[[[[[[:(]]]]]]]]]]][\\s'\"`\xc2\xb4\xe2\x80\x99\xe2\x80\x98\\(\\)]*?)([\\d\\w]++)([\\s'\"`\xc2\xb4\xe2\x80\x99\xe2\x80\x98\\(\\)]*?)(?[[[[[[[[[[[:(]]]]]]]]]]]?:=||r?like|sounds\\s+like|regexp)([\\s'\"`\xc2\xb4\xe2\x80\x99\xe2\x80\x98\\(\\)]*?)\\2|(?:!=|=|<>||\\^|is\\s+not|not\\ ..." at ARGS:wysiwygContent. [file "/usr/apache/conf/waf/modsecurity_crs_sql_injection_attacks.conf"] [line "77"] [id "950901"] [rev "2"] [msg "SQL Injection Attack: SQL Tautology Detected."] [data "Matched Data: t=\x22t found within ARGS:wysiwygContent:
Recent space activ..."] [severity "CRITICAL"] [ver "OWAS [hostname "confluence.C.C"] [uri "/pages/doeditpage.action"] [unique_id "VjeuK9lkAPIAABsJ0D4AAAAR"]
2015:11:02-19:40:43 utm reverseproxy: [Mon Nov 02 19:40:43.951019 2015] [security2:error] [pid 6921:tid 3988700016] [client A.A.A.198] ModSecurity: Warning. Pattern match "([\\~\\!\\@\\#\\$\\%\\^\\&\\*\\(\\)\\-\\+\\=\\{\\}\\[\\]\\|\\:\\;\"\\'\\\xc2\xb4\\\xe2\x80\x99\\\xe2\x80\x98\\`\\].*?){4,}" at ARGS:wysiwygContent. [file "/usr/apache/conf/waf/modsecurity_crs_sql_injection_attacks.conf"] [line "159"] [id "981173"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data:
Recent space activity
Space contributors
Recent spac..."] [severity "CRITICAL"] [tag "OWASP_CRS/WEB_AT [hostname "confluence.C.C"] [uri "/pages/doeditpage.action"] [unique_id "VjeuK9lkAPIAABsJ0D4AAAAR"]
2015:11:02-19:40:43 utm reverseproxy: [Mon Nov 02 19:40:43.961609 2015] [security2:error] [pid 6921:tid 3988700016] [client A.A.A.198] ModSecurity: Warning. Pattern match "(?i[[[[[[[[[[[:(]]]]]]]]]]]?:union\\s*?(?:all|distinct|[(!@]*?)?\\s*?[([]*?\\s*?select\\s+)|(?:\\w+\\s+like\\s+[\"'`\xc2\xb4\xe2\x80\x99\xe2\x80\x98])|(?:like\\s*?[\"'`\xc2\xb4\xe2\x80\x99\xe2\x80\x98]\\%)|(?:[\"'`\xc2\xb4\xe2\x80\x99\xe2\x80\x98]\\s*?like\\W*?[\"'`\xc2\xb4 ..." at ARGS:wysiwygContent. [file "/usr/apache/conf/waf/modsecurity_crs_sql_injection_attacks.conf"] [line "223"] [id "981245"] [msg "Detects basic SQL authentication bypass attempts 2/3"] [data "Matched Data: \x22>
Recent space a..."] [severity "CRITICAL"] [tag "OWASP_ [hostname "confluence.C.C"] [uri "/pages/doeditpage.action"] [unique_id "VjeuK9lkAPIAABsJ0D4AAAAR"]
2015:11:02-19:40:43 utm reverseproxy: [Mon Nov 02 19:40:43.976647 2015] [security2:error] [pid 6921:tid 3988700016] [client A.A.A.198] ModSecurity: Rule a59b8f8 [id "981243"][file "/usr/apache/conf/waf/modsecurity_crs_sql_injection_attacks.conf"][line "245"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "confluence.C.C"] [uri "/pages/doeditpage.action"] [unique_id "VjeuK9lkAPIAABsJ0D4AAAAR"]
2015:11:02-19:40:43 utm reverseproxy: [Mon Nov 02 19:40:43.977122 2015] [security2:error] [pid 6921:tid 3988700016] [client A.A.A.198] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(.*)" at TX:950109-OWASP_CRS/PROTOCOL_VIOLATION/EVASION-ARGS:wysiwygContent. [file "/usr/apache/conf/waf/modsecurity_crs_inbound_blocking.conf"] [line "26"] [id "981176"] [msg "Inbound Anomaly Score Exceeded (Total Score: 64, SQLi=20, XSS=25): Last Matched Message: 981245-Detects basic SQL authentication bypass attempts 2/3"] [data "Last Matched Data:
Recent space activity
confluence.C.C/.../editpage.action cookie="atlassian.xsrf.token=BUWG-DED7-ZRSB-M0PI|62eb8d0b9ee0563650a2d9ce71c5a0e1d1673334|lout; JSESSIONID=0A5DF167685410B8EE38BC2CAF6EC071; HASH_JSESSIONID=F1720F9CAFC622362FAFFD40A81C9FE1D7CD940D; confluence-sidebar.width=285" set-cookie="-">
Quote