Using the latest version on CentOS 6.8 64-bit WHM/Cpanel. I added this to /usr/local/apache/conf/modsec2/whitelist.conf
#IPB posting
<LocationMatch "/index.php?app=members&module=messaging§ion=send&do=sendReply.*">
SecRuleRemoveById 300016
</LocationMatch>
It worked for over a month, however, I noticed that it gave a 500 server error when I tried to send a private message containing over 8 lines with Invision Power Board. If I type a few lines, it doesn't throw any error. This never happened on previous versions with the same lsws settings, haven't touched them in years.
Here is the entry from error_log:
[98.x.x.x:51321-0#APVH_forum.com] mod_security rule triggered!
[Mon Feb 16 22:58:32 2015] [error] [client 98.x.x.x] ModSecurity: Access denied with code 500, [Rule: 'ARGS' '(insert[[:space:]]+into.+values|select.*from.+[a-z|A-Z|0-9]|select.+from|bulk[[:space:]]+insert|union.+select|convert.+\(.*from)'] [id "300016"] [msg "Generic SQL injection protection"]
2015-02-16 22:58:32.916 NOTICE [98.x.x.x:51321-0#APVH_forum.com] Content len: 1072, Request line: 'POST /index.php?app=members&module=messaging§ion=send&do=sendReply&topicID=88900 HTTP/1.1'
Any ideas?
#IPB posting
<LocationMatch "/index.php?app=members&module=messaging§ion=send&do=sendReply.*">
SecRuleRemoveById 300016
</LocationMatch>
It worked for over a month, however, I noticed that it gave a 500 server error when I tried to send a private message containing over 8 lines with Invision Power Board. If I type a few lines, it doesn't throw any error. This never happened on previous versions with the same lsws settings, haven't touched them in years.
Here is the entry from error_log:
[98.x.x.x:51321-0#APVH_forum.com] mod_security rule triggered!
[Mon Feb 16 22:58:32 2015] [error] [client 98.x.x.x] ModSecurity: Access denied with code 500, [Rule: 'ARGS' '(insert[[:space:]]+into.+values|select.*from.+[a-z|A-Z|0-9]|select.+from|bulk[[:space:]]+insert|union.+select|convert.+\(.*from)'] [id "300016"] [msg "Generic SQL injection protection"]
2015-02-16 22:58:32.916 NOTICE [98.x.x.x:51321-0#APVH_forum.com] Content len: 1072, Request line: 'POST /index.php?app=members&module=messaging§ion=send&do=sendReply&topicID=88900 HTTP/1.1'
Any ideas?