HEX
Server: Apache/2.4.57 (Unix) OpenSSL/1.1.1k
System: Linux server.eshhar.net 4.18.0-553.89.1.el8_10.x86_64 #1 SMP Mon Dec 8 03:53:08 EST 2025 x86_64
User: xdas (1048)
PHP: 7.4.33
Disabled: mail,sendmail
$ pwd: /usr/local/apache/modsecurity-cwaf/rules/
Upload Files
File: //usr/local/apache/modsecurity-cwaf/rules/28_Apps_WHMCS.conf
# ---------------------------------------------------------------
# Comodo ModSecurity Rules
# Copyright (C) 2022 Comodo Security solutions All rights reserved.
#
# The COMODO SECURITY SOLUTIONS Mod Security Rule Set is distributed under
# THE COMODO SECURITY SOLUTIONS END USER LICENSE AGREEMENT,
# Please see the enclosed LICENCE file for full details.
# ---------------------------------------------------------------
# This is a FILE CONTAINING CHANGED or MODIFIED RULES FROM THE:
# OWASP ModSecurity Core Rule Set (CRS)
# ---------------------------------------------------------------

SecRule REQUEST_FILENAME "@endsWith cart.php" \
	"id:222040,chain,msg:'COMODO WAF: WHMCS SQL injection detected||%{tx.domain}|%{tx.mode}|2',phase:2,deny,status:403,t:none,t:lowercase,rev:1,severity:2,tag:'CWAF',tag:'WHMCS'"
SecRule ARGS:address1|ARGS:address2|ARGS:city|ARGS:firstname|ARGS:lastname|ARGS:state "@containsWord aes_encrypt" \
	"t:none,t:lowercase"
@ Telegram