Author Topic: Match of "contains cpanel" against "REQUEST_URI" required.  (Read 304 times)

Offline postcd

  • Comodo Member
  • **
  • Posts: 32
Match of "contains cpanel" against "REQUEST_URI" required.
« on: October 07, 2017, 07:09:01 PM »
Hello,

please why the phrasse "contains cpanel" is necessary to appear in REQUEST_URI?

meta_logdata    Matched Data: /etc/ found within REQUEST_URI: /ajax.php?do=autosave
justification    Match of "contains cpanel" against "REQUEST_URI" required.
meta_file    /usr/local/apache/conf/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf
meta_id    211190
id    128503

On a side note, this rule generating FP. the /ajax.php?do=autosave is an web based text editor (part of vBulletin CMS) which i am using to publish technical posts contianing phrasses like /etc
Thank You for a Comodo ModSecurity & CIS. Nice SW.

Offline TDmitry

  • Head CWAF Rule Writing Team
  • Comodo's Hero
  • *****
  • Posts: 370
Re: Match of "contains cpanel" against "REQUEST_URI" required.
« Reply #1 on: October 11, 2017, 10:49:03 AM »
Hello,

please why the phrasse "contains cpanel" is necessary to appear in REQUEST_URI?

meta_logdata    Matched Data: /etc/ found within REQUEST_URI: /ajax.php?do=autosave
justification    Match of "contains cpanel" against "REQUEST_URI" required.
meta_file    /usr/local/apache/conf/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf
meta_id    211190
id    128503

On a side note, this rule generating FP. the /ajax.php?do=autosave is an web based text editor (part of vBulletin CMS) which i am using to publish technical posts contianing phrasses like /etc
That rule requires that "cpanel" not in REQUEST_URI.

You can paste your False Positive details at proper thread https://forums.comodo.com/free-modsecurity-rules-comodo-web-application-firewall/falsepositive-report-thread-t104373.0.html and we will fix it.

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek