OpenCart Community

New findings --- When we implemented ModSecurity™ Tools with vendor OWASP ModSecurity Core Rule Set our Opencart site displayed strange behavior. We had to disable three of the 21 core rules to make our site act and preform normal again. Below are the three rules we had to disable. Hope this helps others who may have a VPS/server that has implemented ModSecurity™ Tools for Cpanel/WHM..

Rules we had to disable
rules/REQUEST-33-APPLICATION-ATTACK-PHP.conf
rules/REQUEST-41-APPLICATION-ATTACK-XSS.conf
rules/REQUEST-42-APPLICATION-ATTACK-SQLI.conf


Documentation if you want to review rules
https://documentation.cpanel.net/displa ... curity+CRS
https://www.owasp.org/index.php/Categor ... et_Project

It seems like mod_security is always causing more problems than it prevents.

We've been running without hiccups since last year July using the Comodo WAF rules. They are available as a vendor now as well for cPanel.

https://waf.comodo.com
Vendor for WHM: https://waf.comodo.com/doc/meta_comodo_apache.yaml

Just added Comodo as a Mod Security Vendor and the issue we had with OWASP ModSecurity Core Rule Set are not present anymore. There are 31 rules as well. We will have to put them through the paces. But so far no concerns.. Thanks for the link artcore.


YAML url for ModSecurity Apache Rule Set:
https://waf.comodo.com/doc/meta_comodo-apache.yaml

litespeed yaml rule set:
https://waf.comodo.com/doc/meta_comodo-litespeed.yaml

Use this rules to fix issues
https://github.com/padaliyajay/modsecurity-opencart