[Owasp-modsecurity-core-rule-set] WAF modsecurity_crs_41_sql_injection_attacks problem with french langage

Ahmed MARFOUK Wed, 06 Feb 2019 18:37:13 -0800

Hi,

I need Help plz.


Le WAF bloque notre formulaire à cause  de
modsecurity_crs_41_sql_injection_attacks rule ( ID 981257). cmment modifier
cette règle pour bloquer par exemple à partir de x nombre de caractères:


Log :
Pattern match
"(?i:(?:.*?[)\\da-f\"'`\xc2\xb4\xe2\x80\x99\xe2\x80\x98][\"'`\xc2\xb4\xe2\x80\x99\xe2\x80\x98](?:[\"'`\xc2\xb4\xe2\x80\x99\xe2\x80\x98].*?[\"'`\xc2\xb4\xe2\x80\x99\xe2\x80\x98]|\\Z|[^\"'`\xc2\xb4\xe2\x80\x99\xe2\x80\x98]+))|(?:\\Wselect.+\\W*?from)|((?:
..." at ARGS:denomination. [file
"/etc/httpd/modsecurity-crs/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"]
[line "216"] [id "981257"] [msg "Detects MySQL comment-/space-obfuscated
injections and backtick termination"] [data "Matched Data: LA MAROCAINE
D'ELECTRONIQUE ET DE TRANSACTION COMMERCIALE found within
ARGS:denomination: LA MAROCAINE D'ELECTRONIQUE ET DE TRANSACTION
COMMERCIALE"] [severity "CRITICAL"] [tag
"OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] |

Merci par avance

_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set

[Owasp-modsecurity-core-rule-set] WAF modsecurity_crs_41_sql_injection_attacks problem with french langage

Reply via email to