I run a small webhosting service (CPanel
+ ModSecurity
) and I personnaly host few laravel
projects on it. I noticed that when I (or anyone) visit multiple pages quickly (one after the other), at some point I get a Too Many Redirects
error after the 6th or 7th visit (Redirected to /
)
After few research, I noticed that it's due to a ModSecurity
match on a cookie, and when it matches, the matched session is locked in this redirection loop until cookies are manually cleared (for that domain). Here is an extract of the ModSecurity
logs showing the match and the response (Pastebin).
I don't get why it's matching "sometimes" (always when logged-in as a user), and how to prevent it. If you guys have an idea...
Thank you for your help