I have a Magento 2 site hosted on a VPS with Plesk.
A few days ago both frontend and backend showed error 404.
After taking the time to understand the problem, without success, I contacted my hosting provider, who after a check identified the problem in “mod security”.
Then I initially disabled mod security and the site is visible again without any error.
The log error shows this type of error (my site obscured with xxx):
[Mon Jun 24 17:38:00.572617 2019] [:error] [pid 568:tid 140699999577856] [client 151.18.6.144:45598] [client 151.18.6.144] ModSecurity: Warning. Pattern match "(?:'\\xbf?\\x22|\\x22\\xbf?'|^\\+?$)" at REQUEST_COOKIES:mage-messages. [file "/etc/apache2/modsecurity.d/rules/comodo/02_Global_Generic.conf"] [line "199"] [id "211290"] [rev "3"] [msg "COMODO WAF: XSS and SQLi vulnerability||www.xxxxx.it|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.xxxxxx.it"] [uri "/customer/section/load/"] [unique_id "XRDuWM@02LUAAAI4PUkAAACX"], referer: https://www.xxxxxxxxx.it/
Here are my questions, since it seems to be an important vulnerability:
- Does this vulnerability depend on a Magento 2.3.1 bug?
- In this case, what is the best configuration for mod security?
Thank you
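For triage of the warning quoted above, here is an added example (not part of the original post) that parses the log line, recovers the rule's regex from Apache's escaped form, and checks which raw cookie values it matches. The function names and sample cookie values are constructed for illustration, and the check assumes the rule applies no transformations before matching.

```python
import re

# Excerpt of the log line from the post (some bracketed fields omitted).
LOG_LINE = r'''ModSecurity: Warning. Pattern match "(?:'\\xbf?\\x22|\\x22\\xbf?'|^\\+?$)" at REQUEST_COOKIES:mage-messages. [file "/etc/apache2/modsecurity.d/rules/comodo/02_Global_Generic.conf"] [line "199"] [id "211290"] [rev "3"] [severity "CRITICAL"] [uri "/customer/section/load/"]'''

MATCH_RE = re.compile(r'Pattern match "(.*?)" at ([\w:-]+)\.')
FIELD_RE = re.compile(r'\[(\w+) "([^"]*)"\]')


def parse_modsec_warning(line):
    """Extract rule id, inspected variable, URI and the rule's regex."""
    m = MATCH_RE.search(line)
    if m is None:
        raise ValueError("not a ModSecurity 'Pattern match' warning")
    fields = dict(FIELD_RE.findall(line))
    # Apache's error log doubles every backslash; undo that to get the regex back.
    pattern = m.group(1).replace("\\\\", "\\")
    return {
        "id": fields.get("id"),
        "uri": fields.get("uri"),
        "target": m.group(2),
        # Compiled over bytes so \xbf means the single byte 0xBF.
        "regex": re.compile(pattern.encode("ascii")),
    }


def triggers(regex, value):
    """True if the raw value would match (assumes no transformations run first)."""
    return regex.search(value) is not None


# Constructed cookie values, not taken from the post.
SAMPLES = [b"", b"+", b"%5B%5D", b"'\"", b'{"text":"\'quoted\'"}', b"plain text"]

if __name__ == "__main__":
    info = parse_modsec_warning(LOG_LINE)
    print(info["id"], info["target"], info["uri"])
    for value in SAMPLES:
        print(repr(value), "->", "MATCH" if triggers(info["regex"], value) else "no match")
```

The pattern matches an empty value, a lone `+`, or a single quote adjacent to a double quote, so the output shows which cookie contents would raise rule 211290 on `/customer/section/load/`.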