can you get any more information? what unix command does it think is being injected?
I think it’s mad because they have donate buttons in the content area
^ thats most likely it, yeah
yeah those are things that aren't security-friendly
i’m still very new to ModSecurity, so what will follow are probably some fairly stupid questions, but ¯_(ツ)_/¯
1) can I disable a specific rule using
.htaccess or the apache VirtualHost config? (having a hard time finding a straight answer on this)
2) can I disable a specific rule (like the one preventing access to the Files area) by turning off that rule if the request URI contains
/admin? (and would that be a good idea in the first place?)
havent used it myself, but i can offer my opinion on whether it would be a good idea - i think the answer is "if you trust the people in your admin section"