Mod security module false positive
What does it take for In Motion Hosting to look at their Mod security.
You have a bug in your detection of Force Attacks.
Error message:
Due to a high number of failed login attempts, access to /administrator/index.php has been blocked by Mod Security.
For more information please review our Support Center article on the topic:
https://www.inmotionhosting.com/support/news/general/joomla-brute-force-increase
We have already gone through all the steps.
Ensuring you are using a secure password
Adding an additional username / password to your /administrator folder
The product we are using for the secondary login before the administrator page also show no such attacks nor does the vendor of the 3rd party security product see any referance of these so called attacks. Your own raw logs in the cpanel do not show such attacks. your Mod security seems to be posting a false positive and locking accounts.
Tech support does not seem to pass the information along to someone to look at as a possible issue.
Have asked for proof of such attacks, but never have received any proof.
You have a bug in your detection of Force Attacks.
Error message:
Due to a high number of failed login attempts, access to /administrator/index.php has been blocked by Mod Security.
For more information please review our Support Center article on the topic:
https://www.inmotionhosting.com/support/news/general/joomla-brute-force-increase
We have already gone through all the steps.
Ensuring you are using a secure password
Adding an additional username / password to your /administrator folder
The product we are using for the secondary login before the administrator page also show no such attacks nor does the vendor of the 3rd party security product see any referance of these so called attacks. Your own raw logs in the cpanel do not show such attacks. your Mod security seems to be posting a false positive and locking accounts.
Tech support does not seem to pass the information along to someone to look at as a possible issue.
Have asked for proof of such attacks, but never have received any proof.
