Community
OpenEnergyMonitor

OpenEnergyMonitor Community

403 Error when trying to send data via "JSON format - with time"

Tags: #<Tag:0x00007fc9b673f820>

Hi there,

after a lot of time i got emoncms 10.2.5 running on my webspace without any direct errors. I’m very lucky about that :slight_smile:.

But there is still one problem. When i’m trying to send data to emoncms via JSON-format the webserver gives me a 403 Error. Even when i’m clicking at the link in the InputApi-helper, the error appears.
My plan was to send the Data from a raspi with “SolPipLog” installed to emoncms. SolPipLog seems to use the JSON-Format.

Does anyone have any idea how to solve the problem?

thanks and best regards :slight_smile:

update:

after some research i found this in my webserver log:

"
[client 194.140.115.251] ModSecurity: Warning. Operator GE matched 5 at TX:inbound_anomaly_score. [file “/etc/apache2/modsecurity.d/rules/owasp_modsecurity_crs_3-plesk/RESPONSE-980-CORRELATION.conf”] [line “73”] [id “980130”] [msg “Inbound Anomaly Score Exceeded (Total Inbound Score: 15 - SQLI=15,XSS=0,RFI=0,LFI=0,RCE=0,PHPI=0,HTTP=0,SESS=0): Detects classic SQL injection probings 2/2”] [tag “event-correlation”] [hostname “katerlepv.de”] [uri “/error_docs/forbidden.html”] [unique_id “X0nxAgW0QlwAAArGY3EAAABA”], referer: http://katerlepv.de/emoncms/input/api
"

maybe this could help to figure out the problem

next update:

i’ve found at that my webspaceprovider installed a “web application firewall”. Emoncms seems to do something illegal for the firewall and gets blocked.

After i set the firewall to “warn only” it seems to be running :slight_smile:

1 Like

Your provider’s firewall thinks the emonCMS traffic is an SQL Injection attack, hence the issue you saw.
Good to see you got it resolved. thumbsup

I thought it’s good to share this information. Maybe someone else has the same trouble and can be helped with this post.

Indeed it is. Thanks!