Problem Mod security WAF rules info for readers.

[ikkeben]

ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\n|\\\\r)+(?:get|post|head|options|connect|put|delete|trace|propfind|propatch|mkcol|copy|move|lock|unlock)\\\\s+" at MATCHED_VAR. [file "/usr/local/cwaf/rules/12_HTTP_Protocol.conf"] [line "137"] [id "23333"] [rev "6"] [msg "COMODO WAF: HTTP Request Smuggling Attack||thiswebsitefffffon box|F|2"] [data "Matched Data: put found within MATCHED_VAR"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"]

So the normal English text "PUT" in content , edited with a admin access php wysiwig and then on klick on save gives a 403 forbidden error and that log result.

But that "PUT" is there almost a year now, no problems before.

So for who have problems with Problem Mod security, i think something changed and not all Apllications ( PHP webshop system here) does like this .