ModSecurity and OWASP Rules

There's plenty of discussion on the web about ModSecurity triggering false positives with other CMS systems, has anyone any recommendations for configuring for Microweber to avoid unneccesary blocks? 

So far I've disabled the following rules: 
960015
981243
981245
981257

I notice that MW has also triggered rule 973337 but that might have just been during the install.
Peter Ivanov 2 years ago

hi nick

mod_security rules were added in this commit https://github.com/microweber/microweber/commit/c4ea8590efd28757f7f4eaf93e9c157973b6acac

some users were complaining that the save function does not work and i tried disabling mod security to fix those issues

i dont have any experience with mod_security so any help is appreciated

You must be logged in to reply on this thread


Sign Up
nick