ModSecurity False Positives?

  • Luke

    (@codifyllc)


    9 years, 5 months ago

    When trying to activate the plugin, ModSecurity seems to be throwing multiple red flags.

    Our Server has WHM version 60.0
    We have the OWASP ModSecurity Core Rule Set enabled (https://documentation.cpanel.net/display/CKB/OWASP+ModSecurity+CRS)

    So far, I have disabled the following Rule IDs:
    – 981257: Detects MySQL comment-/space-obfuscated injections and backtick termination
    – 981245: Detects basic SQL authentication bypass attempts 2/3

    The next one that is being blocked (which I have not disabled yet) is:
    – 981242: Detects classic SQL injection probings 1/2

    I’m going to assume Flow-Flow Social Stream plugin is not intentionally doing these actions, but as I’m sure you would agree, I can not disable all these rules globally.

    So this topic is not really about needing help, but more bringing it to your attention.

The topic ‘ModSecurity False Positives?’ is closed to new replies.