You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on May 14, 2020. It is now read-only.
Our environment:
Windows 2012 Server R2 Standard;
Apache/2.4.12 (Win64) OpenSSL/1.0.1m PHP/5.6.9;
ModSecurity for Apache/2.8.0; OWASP_CRS/2.2.9
We have Arabic version of website with pages that contains Arabic letters. We don't have any problem with ModSecurity when Post any English letters. Problem exist when Anyone POST comments with Arabic letters.
This Message form Apache Log :
Message: Access denied with code 403 (phase 2). Pattern match "\\W{4,}" at ARGS:comment.
[file "C:/Apache24/conf/crs/activated_rules/modsecurity_crs_40_generic_attacks.conf"]
[line "37"] [id "960024"] [rev "2"] [msg "Meta-Character Anomaly Detection Alert - Repetative Non-Word Characters"]
[data "Matched Data: \xd8\xb5\xd8\xa8\xd8\xa7\xd8\xad \xd8\xa7\xd9\x84\xd8\xae\xd9\x8a\xd8\xb1
found within ARGS:comment: \xd8\xb5\xd8\xa8\xd8\xa7\xd8\xad \xd8\xa7\xd9\x84\xd8\xae\xd9\x8a\xd8\xb1"]
[ver "OWASP_CRS/2.2.9"] [maturity "9"] [accuracy "8"]
We Add these in httpd.conf m but still the same issue !!
Hi,
Our environment:
Windows 2012 Server R2 Standard;
Apache/2.4.12 (Win64) OpenSSL/1.0.1m PHP/5.6.9;
ModSecurity for Apache/2.8.0; OWASP_CRS/2.2.9
We have Arabic version of website with pages that contains Arabic letters. We don't have any problem with ModSecurity when Post any English letters. Problem exist when Anyone POST comments with Arabic letters.
This Message form Apache Log :
We Add these in httpd.conf m but still the same issue !!
Best regards,
shadi
The text was updated successfully, but these errors were encountered: