Hi, for the sake of my contact forms' usability, I have disabled the following mod_security rules that were causing false positives:
SecRuleRemoveById 981242
SecRuleRemoveById 981172
SecRuleRemoveById 981173
SecRuleRemoveById 959070
SecRuleRemoveById 200003
SecRuleRemoveById 981318
SecRuleRemoveById 950901
SecRuleRemoveById 981256
SecRuleRemoveById 981257
SecRuleRemoveById 981231
SecRuleRemoveById 981245
Am I creating a security hole? Is there any safer alternative mod_security configuration?
thanks
I actually followed that tutorial to set up mod_security on my server and I set up the rules to be removed only in specific locations (those containing forms). The problem was not the module conflicting with my plugins but it being triggered when a user inputs a special character in any of my web forms (like % or $ or ’ or #).
So I removed those rules in order to disable the special character triggers.
It’s not a security hole. Here, you need to read this first:
Read: Excluding Hosts and Directories ModSecurity: Debian-Ubuntu
Read some example: Wordpress ModSecurity
Conclusion: Mod Security does not play nice with some apps, for example WordPress or some other applications. You should also look for information related to the application you are using.
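
A narrower alternative to removing the rules outright, shown here as an added example that is not part of the original posts: keep each rule active and exclude only the free-text form field from its targets, only on the form's URL. The path `/contact` and the field name `message` are assumptions, the two rule IDs are taken from the question, and the example assumes those rules inspect `ARGS`.

```apache
<IfModule security2_module>
    # Broad form, as in the question: inside whatever scope it is placed,
    # the rule no longer runs for any parameter, cookie or header.
    # SecRuleRemoveById 981173
    # SecRuleRemoveById 981242

    # Narrower form: the rules keep running everywhere, including on the
    # contact form's other fields (name, email, subject). Only the
    # free-text field that legitimately carries % $ ' # is exempted,
    # and only for requests to the form endpoint.
    # "/contact" and "message" are assumed names; replace them with the
    # real form URL and the parameter shown in the audit log entry for
    # the false positive.
    <LocationMatch "^/contact/?$">
        SecRuleUpdateTargetById 981173 "!ARGS:message"
        SecRuleUpdateTargetById 981242 "!ARGS:message"
    </LocationMatch>
</IfModule>
```

These directives must be loaded after the rule files that define the IDs, the same ordering requirement that applies to `SecRuleRemoveById`.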