I have a PHP CMS which has a settings section for the website. In these settings, it receives script code automatically and then substitutes it into the templates directly. The problem is that when the settings section is sent with Ajax for processing, the ModSecurity server blocks the POST request with a 403 error, because of the script code in the request data. We can solve this issue with the code below in .htaccess, but it deactivates ModSecurity, which does not make sense:
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
Does anyone have a solution for this issue, so that I could post the modification script via Ajax without the request being blocked? Is it possible to put those scripts in the data by encoding them?
Data example:
stats: <img id='apfurgvizp' style='cursor:pointer' onclick='window.open("https://logo.samandehi.ir/Verify.aspx?id=539&p=dshwxlapfvl", "Popup","toolbar=no, scrollbars=no, location=no, statusbar=no, menubar=no, resizable=0, width=450, height=630, top=60")' alt='logo-samandehi' src='https://logo.samandehi.ir/logo.aspx?id=539&p=ujyshwlbsiy'/>
Error on sending the Ajax request:
403 Forbidden Error
Server specifications:
CentOS 7, CloudLinux, CSF, CXS, ModSecurity
CMS specifications:
Pure PHP OOP
Yes, disabling all of mod_sec probably doesn't make much sense, but disabling the single rule that causes the false-positive alert does.
You can use
<IfModule mod_security.c>
SecRuleRemoveById 1234567
</IfModule>
to disable the particular rule that causes the 403.
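
To find the rule id that belongs in place of 1234567, look up the denied request in the Apache error log. The Python sketch below is an added example, not part of the original answer: it assumes the ModSecurity 2.x error-log layout, runs on constructed log lines with placeholder rule ids, and emits a narrower exclusion than removing the rule outright (SecRuleUpdateTargetById limited to the one URL and parameter).

```python
import re
from collections import Counter

# Constructed sample in the ModSecurity 2.x Apache error-log layout (assumed).
# Rule ids, file paths and messages are placeholders, not real server values.
SAMPLE_LOG = r'''
[Mon Jan 01 10:00:00 2024] [:error] [pid 100] [client 192.0.2.10] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<img" at ARGS:stats. [file "/etc/modsec/rules.conf"] [line "10"] [id "1234567"] [msg "Constructed: HTML tag in argument"] [hostname "cms.example"] [uri "/admin/settings.php"] [unique_id "AAA"]
[Mon Jan 01 10:00:05 2024] [:error] [pid 100] [client 192.0.2.10] ModSecurity: Warning. Pattern match "onclick" at ARGS:stats. [file "/etc/modsec/rules.conf"] [line "20"] [id "7654321"] [msg "Constructed: event handler"] [hostname "cms.example"] [uri "/admin/settings.php"] [unique_id "AAB"]
[Mon Jan 01 10:01:00 2024] [:error] [pid 101] [client 192.0.2.10] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<img" at ARGS:stats. [file "/etc/modsec/rules.conf"] [line "10"] [id "1234567"] [msg "Constructed: HTML tag in argument"] [hostname "cms.example"] [uri "/admin/settings.php"] [unique_id "AAC"]
[Mon Jan 01 10:02:00 2024] [core:info] [pid 101] unrelated line without ModSecurity fields
'''

FIELD = re.compile(r'\[(id|msg|uri) "([^"]*)"\]')
TARGET = re.compile(r' at (\S+)\. \[file ')  # variable that matched, e.g. ARGS:stats

def denied_rules(log_text):
    """Count 403 denials per (rule id, uri, matched variable)."""
    hits = Counter()
    for line in log_text.splitlines():
        if "ModSecurity: Access denied with code 403" not in line:
            continue  # skip warnings and unrelated log lines
        fields = dict(FIELD.findall(line))
        target = TARGET.search(line)
        if "id" in fields and "uri" in fields and target:
            hits[(fields["id"], fields["uri"], target.group(1))] += 1
    return hits

def scoped_exclusions(hits):
    """Build config that exempts only the offending parameter on that URL.

    Review the output before use: uri values in the log are client-supplied.
    """
    blocks = []
    for (rule_id, uri, target), count in sorted(hits.items()):
        blocks.append(
            f'# rule {rule_id} denied {count} request(s)\n'
            f'<LocationMatch "^{re.escape(uri)}$">\n'
            f'    SecRuleUpdateTargetById {rule_id} "!{target}"\n'
            f'</LocationMatch>'
        )
    return blocks

if __name__ == "__main__":
    for block in scoped_exclusions(denied_rules(SAMPLE_LOG)):
        print(block)
```

The generated exclusion has to be loaded after the rule it modifies, and the rule keeps inspecting every other parameter and URL.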