More WHMCS Woes


We’re still having issues in WHMCS, for example we can’t embed videos in knowledge base articles. We get a 403 when saving the article. I’m trying to isolate the rule(s) in question.

Is there any progress toward general WHMCS fixes (for the various false positives)?



Hi Mark,

we are already working on this. If you have collected any info about WHMCS false positives (rule ids, logs, etc.) please submit it to me.

Thank you.

So many years ago and WHMCS still not working with Comodo rules. Plenty of false rules.
Example rules:


Both throw 403 errors when you try to save something in WHMCS backend.

Is there a solution on this?

Please provide modsec_audit.log parts for these events.
Please post it in the false positive thread.

We had a whmcs customer with the exact same issue.
Had to disable rule 212740

[Sat Jan 23 21:07:43.738998 2021] [:error] [pid 12154:tid 47343734961920] [client] [client] ModSecurity: Access denied with code 403 (phase 2). Pattern match "image\\\\/svg\\\\+xml|text\\\\/(?:css|html|(?:x-)?(?:(?:ecma|java|vb)script|scriptlet)).|.application\\\\/x-shockwave-flash" at ARGS_POST:emailglobalheader. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "69"] [id "212740"] [rev "6"] [msg "COMODO WAF: XSS Attack Detected|||F|2"] [data "Matched Data: text/html; found within ARGS_POST:emailglobalheader: <!doctypehtmlpublic\\x22-//w3c//dtdxhtml1.0transitional//en\\x22\\x22\\x22><htmlxmlns=\\x22\\x22><head><metahttp-equiv=\\x22content-type\\x22content=\\x22text/html;charset={$charset}\\x22/><metaname=\\x22viewport\\x22content=\\x22width=device-width,initial-scale=1,maximum-scale=1,user-scalable=no\\x22><styletype=\\x22text/css\\x22>[emailcss]</style></head><bodyleftmargin=\\..."] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname ""] [uri "/fpdw/fpdwad/configgeneral.php"] [unique_id "YAxz-3FXFwXY10Y-67Ks2AAAhQc"], referer:

Hope that helps