Users on multiple servers can no longer create or update posts in WordPress. (That’s a big problem because WP is all we host.)
If a user tries to save a post with a link in it, the post doesn’t save and the user sees a 404 error.
The ModSecurity logs show that this action triggers rule 225130. Details about that rule:
404 225130: COMODO WAF: XSSvulnerability in the WordPressbefore 4.3.1 (CVE-2015-5714)||mydomain.com|F|mydomain.com|F|2
So this doesn’t make sense because all of these sites are on the current version of WordPress, many versions beyond 4.3.1. So, from the description, this rule shouldn’t even be taking effect.
But the bigger problem is that I can’t disable the rule! When I search for it in the catalog, I get a “not found” error. Yet that rule is actively working and causing problems.
EDIT: As soon as i posted this, appears that a new update was released. Rules 1.97. I’m still tring to see if fix the problem.
This is a major problem. I also found this since yesterday!
If the post have a image or link, the rule is activated. Doesn’t matter if is used the last version of Wordpress or not, the rule is always active.
I also cannot disable it by the Comodo WAF plugin in cPanel. The only solution was disable ALL the wordpress rules (what is not recommended).