Report false positive mod_sec rules
Forum
  1. Forums
  2. Imunify360
  3. Imunify360 and Imunify Sensor
  1. Morten
  2. Thursday, 02 January 2020
  3.  Subscribe via email
Hello,

From time to time we see FP mod_sec rules and need to disable them for a user or on all servers.
But what is the best way to report it to you so you can fix it?

In this case it's this rule for Apache:

77230780: IM360 WAF: XSS vulnerability in Ultimate Member - User Profile & Membership plugin 2.0.29 and before 2.0.28 for WordPress (CVE-2018-17866)||MVN:ARGS_POST:um_options[welcome_email]||MV: style=\"max-width: 560px; padding: 20px; background: #ffffff; border-radius: 5px; margin: 40px auto; font-family: Open Sans,Helvetica,Arial; font-size: 15px; color: #666;\">\r\n style=\"color: #444444; font-weight: normal;\">\r\n style=\"text-align: center; font-weight: 600; font-size: 26px; padding: 10px 0; border-bottom: solid 3px #eeeeee;\">{site_name}>\r\n style=\"clear: both;\">\xc2\xa0>\r\n>\r\n style=\"padding: 0 30px 30px 30px; border-bottom: 3px solid #eeeeee;\">\r\n style=\"padding: 30px 0; font-size: 24px; text-align: center; line-height


Customer has version 2.1.2 of this WP plugin.
Rate this post:
  1. 02.01.2020 15:01:21
  2. # 1
Sergey Khristich Accepted Answer
Posts: 226
Joined: 20.05.2019
0
Votes
Undo
Hello Morten,
At the moment there is no mechanism to report false by the rules, only files https://docs.imunify360.com/command_line_interface/#submit-false-positive-false-negative. You can do this with a ticket indicating the number of the rule that must be made false. Please let us know if you have any questions.
Thanks in advance!
Marketing Manager
  • Page :
  • 1


There are no replies made for this post yet.
Be one of the first to reply to this post!
Guest
Submit Your Response
Upload files or images for this discussion by clicking on the upload button below. Supports gif,jpg,png,zip,rar,pdf
• Insert • Remove Upload Files (Maximum File Size: 2 MB)
Captcha
To protect the site from bots and unauthorized scripts, we require that you enter the captcha codes below before posting your question.