ModSecurity blocks ERDDAP queries containing '(' and ')' characters

Brought to you by: victorhora, zimmerletw

ModSecurity blocks ERDDAP queries containing '(' and ')' characters

Forum: Rules

Creator: Lorenzo Corgnati

Created: 2024-02-08

Updated: 2024-02-08

Lorenzo Corgnati - 2024-02-08

Hi everybody,
I have installed ModSecurity on a XUbuntu 22.04 virtual machine running ERDDAP and ncWMS for data distribution.
I installed ModSecurity via apt install libapache2-mod-security2 and then I enabled it via a2enmod security2
I have then installedOWASP Core ùruel Set v3.3.0.

While running ERDDAP I noticed that the queries for requesting data were blocked if containing '(' or ')' characters.

Is this a bug or should I set a rule for this? If the latter is the case, how the rule should be set?

Thanks

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.