OWASP Core Rules + jquery.cookie.min.js issue
I currently have ModSecurity" and the OWASP ModSecurity Core Rule Set installed on my server via ModSecurity" Vendors.
I'm bumping into constant issues with jquery.cookie.min.js getting triggered by rule 950004 as "Cross-site Scripting (XSS) Attack".
I know this is a false positive and all the research I've done on it indicates this is due to outdated rules. I believe this issue was addressed and modsec rules were patched to not flag these files; yet they are indeed still getting flagged.
Does this mean the OWASP rules that were installed/running are not up to date?
-
The patch you linked is several years old, so likely it did not fix all false positive cases. You may just want to whitelist that rule if it is causing you problems; rules like SQL injection and XSS protection are often impossible to get perfect for everyones use. 0 -
Hello :) You should also use the "WHM Home " ModSecurity" Tools " Hits List " Report Rule" option to report the rule if it's not working as intended. Thank you. 0
Please sign in to leave a comment.
Comments
2 comments