The content of this FAQ has been updated and migrated to the following topics in docs.itrsgroup.com. Refer to the following:
We recommend that you always use the latest document version in https://docs.itrsgroup.com/ to keep you up-to-date.
Version 8.1.3 of OP5 Monitor requires mod_security. ModSecurity is "a toolkit for real-time web application monitoring, logging, and access control" which makes the web application in Monitor more secure.
If you are getting server responses like "Forbidden" or "You don't have permission to access [file]" after upgrading to 8.1.3 or above, chances are that mod_security is blocking the request for some reason.
Enable mod_security audit logging
The default mod_security config file is available here:
If you wish to enable audit logging to understand why a request is being denied, add the following from line #2 and downwards, after the initial "<IfModule mod_security2.c>":
SecAuditEngine RelevantOnly SecAuditLogRelevantStatus ^2-5 SecAuditLogParts ABCIFHZ SecAuditLogType Serial SecAuditLog /var/log/httpd/modsec_audit.log
Save the file and restart Apache:
# systemctl restart httpd
Reproduce your issue, inspect and/or send in "/var/log/httpd/modsec_audit.log" if you have an open ticket with us.