[Mod-security-rules] Unicode characters and false positives
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[Mod-security-rules] Unicode characters and false positives
|
From: Faris Al-S. <fa...@gm...> - 2013-11-04 05:33:46
|
Hi. We have a form in which users post text, that contains non-English characters (e.g. "ā" etc.). Sometimes these characters, especially in combination with quotes and other special symbols, produce false positives. For example a simple string "ābc" (quotes including) gets processed as "\x22\xc4\x81bc\x22" by modsecurity, and matched by, for example, rule 981245 (among others) producing a false positive. It's a bit frustrating to disable rules, which cause these false positives one-by-one - is there any other way besides that to work around this issue, for example, exclude a subset of unicode characters from filtering? |
