ENXF NET
Administrator
Staff member
Administrator
Moderator
+Lifetime VIP+
S.V.I.P.S Member
S.V.I.P Member
V.I.P Member
Collaborate
Registered
- Joined
- Nov 13, 2018
- Messages
- 29,585
- Points
- 823
Hi all,
When a user try's to register with a password like123!@# it gives an error: ModSecurity: Warning. detected SQLi using libinjection with fingerprint 'novc'
Normally, I would check the error id & ARGS to whitelist like so:SecRuleUpdateTargetById 932105 !ARGS:title
The issue is XenForo is using a hash as the name for the password field ARGS:f9bd18566cc2cb5b4e3344e7370007e25eb286cd:
Because the hash is different each time it's impossible for me to whitelist it.
Continue reading...
When a user try's to register with a password like123!@# it gives an error: ModSecurity: Warning. detected SQLi using libinjection with fingerprint 'novc'
Normally, I would check the error id & ARGS to whitelist like so:SecRuleUpdateTargetById 932105 !ARGS:title
The issue is XenForo is using a hash as the name for the password field ARGS:f9bd18566cc2cb5b4e3344e7370007e25eb286cd:
Because the hash is different each time it's impossible for me to whitelist it.
Continue reading...