we often use webEdition, a german PHP and MySQL based CMS for webpages.
Last week I installed it the first time on a server obviously running ASL.
Installation was OK, but as soon as I try to add a new page with webEdtion I receive an error: 403 - forbidden.
Here is the message from error.log:
What can I do to change this?[Mon Apr 14 14:14:38 2014] [error] [client 93.190.xxx.xxx] ModSecurity: Access denied with code 403 (phase 2). detected SQLi using libinjection with fingerprint 'nc' [file "/etc/httpd/modsec/11_asl_adv_rules.conf"] [line "67"] [id "341245"] [rev "6"] [msg "Atomicorp.com WAF Rules: Possible SQL injection attack (detectSQLi)"] [data "nc"] [severity "CRITICAL"] [hostname "kfz-gutachter-jk.de"] [uri "/webEdition/we_cmd.php"] [unique_id "U0vRLlXsO-wAABjPN58AAAAA"]
I called the provider, he obviously doesn't know what that means ...
I called webEdition, they don't know it either ...
Greetings from Heidelberg, Germany
Harald.
