-1

Custom PHP program that tracks medical data. Via a modal form, users enter/submit comments. On one (and only one) installation of the program, users are able to submit all medications EXCEPT the word "Doxycycline". They can enter any variation of the word, such as Doxyclyclin, Oxycycline, Foxycycline. I modified PDO to show exceptions. No errors are displayed or logged. Upon submission, user is just bounced to program's home page, whereas they'd normally be returned to same page upon error or successful submission.

Tried removing all input sanitation. Checked the .htaccess files in the program, at the root level, searched their web server via File Manager to see if the word exists and/or is restricted via other files.

I can manually insert the word to their MySQL database, and can add the word to their website content using their website software.

Other installations of this same program on different web servers do not experience this issue. Why just this one word and how can I find what is restricting it?

  • It sounds like you have some sort of security/anti-spam extension installed or something. In any case, we can't really help you without even knowing what web server you're using (Apache I'm guessing since you mentioned `.htaccess`?), and what its config is. – Brad Feb 22 '15 at 15:50

1 Answer

1

ModSecurity had recently been enabled on the client's web server and the word Doxycycline triggered an anti-spam rule for pharmacy words. This was identified via the ModSecurity Tools option in WHM. Adding the following code to the modsec2.user.conf file located in /users/local/apache/conf removed the restriction for this rule. Syslog was also disabled, which is why no errors were logged. Custom rules had previously been applied for the client's CMS, which is why the word was permitted on the website.

```apache
<LocationMatch "/softwarefolder">
  <IfModule mod_security2.c>
    SecRuleRemoveById 300086 300061 300117
  </IfModule>
</LocationMatch>
```
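Where the WHM tool is not available, the IDs for an exclusion like the one above can be read from the ModSecurity audit log instead. The script below is an added example, not part of the original answer: it assumes the ModSecurity 2.x serial audit-log layout with section H recorded, and the sample log (transaction IDs, 403 status, file paths, messages, rule 999002) is constructed; `rule_ids_by_uri` and `removal_directive` are hypothetical helper names.

```python
import re
from collections import defaultdict

# Constructed sample in ModSecurity 2.x serial audit-log layout (not from the page's server).
SAMPLE_AUDIT_LOG = '''--5f1c2a7e-A--
[22/Feb/2015:15:40:01 +0000] CONSTRUCTEDID0001 203.0.113.5 51234 192.0.2.10 80
--5f1c2a7e-B--
POST /softwarefolder/comments.php HTTP/1.1
Host: example.test

--5f1c2a7e-C--
comment=Doxycycline
--5f1c2a7e-H--
Message: Access denied with code 403 (phase 2). Pattern match "(constructed)" at ARGS:comment. [file "/constructed/rules.conf"] [line "10"] [id "300086"] [msg "constructed message"]
--5f1c2a7e-Z--

--9b3d4e10-A--
[22/Feb/2015:15:41:07 +0000] CONSTRUCTEDID0002 203.0.113.5 51240 192.0.2.10 80
--9b3d4e10-B--
GET /index.php?page=2 HTTP/1.1

--9b3d4e10-H--
Message: Warning. Operator EQ matched 0 at REQUEST_HEADERS. [file "/constructed/rules.conf"] [line "20"] [id "999002"] [msg "constructed message"]
--9b3d4e10-Z--
'''

BOUNDARY = re.compile(r'^--([0-9a-fA-F]+)-([A-Z])--$')  # e.g. --5f1c2a7e-H--
RULE_ID = re.compile(r'\[id "(\d+)"\]')

def rule_ids_by_uri(log_text, blocking_only=True):
    """Map request path -> sorted rule IDs from section H 'Message:' lines."""
    hits, section, uri, first_in_section = defaultdict(set), None, None, False
    for line in log_text.splitlines():
        m = BOUNDARY.match(line)
        if m:
            section, first_in_section = m.group(2), True
            uri = None if section == 'A' else uri  # section A starts a new transaction
            continue
        if section == 'B' and first_in_section and len(line.split()) >= 2:
            uri = line.split()[1].split('?', 1)[0]  # request line: METHOD URI PROTO
        elif section == 'H' and uri and line.startswith('Message:'):
            if not blocking_only or 'Access denied' in line:
                hits[uri].update(RULE_ID.findall(line))
        first_in_section = False
    return {u: sorted(ids) for u, ids in hits.items()}

def removal_directive(hits, prefix):
    """Build a SecRuleRemoveById line for rules that fired under a path prefix."""
    ids = sorted({i for u, found in hits.items() if u.startswith(prefix) for i in found}, key=int)
    return 'SecRuleRemoveById ' + ' '.join(ids) if ids else ''
```

Scoping the result to a path prefix keeps the exclusion as narrow as the `<LocationMatch>` block it goes into, so the rules stay active for the rest of the site.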