HEX
Server: Apache/2
System: Linux nexus-01 4.18.0-553.120.1.el8_10.x86_64 #1 SMP Mon Apr 20 18:04:27 EDT 2026 x86_64
User: aglcoke (1118)
PHP: 8.2.31
Disabled: mail,exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
$ pwd: /usr/local/cwaf/rules/
Upload Files
File: //usr/local/cwaf/rules/28_Apps_WHMCS.conf
# ---------------------------------------------------------------
# Comodo ModSecurity Rules
# Copyright (C) 2022 Comodo Security solutions All rights reserved.
#
# The COMODO SECURITY SOLUTIONS Mod Security Rule Set is distributed under
# THE COMODO SECURITY SOLUTIONS END USER LICENSE AGREEMENT,
# Please see the enclosed LICENCE file for full details.
# ---------------------------------------------------------------
# This is a FILE CONTAINING CHANGED or MODIFIED RULES FROM THE:
# OWASP ModSecurity Core Rule Set (CRS)
# ---------------------------------------------------------------

SecRule REQUEST_FILENAME "@endsWith cart.php" \
	"id:222040,chain,msg:'COMODO WAF: WHMCS SQL injection detected||%{tx.domain}|%{tx.mode}|2',phase:2,deny,status:403,t:none,t:lowercase,rev:1,severity:2,tag:'CWAF',tag:'WHMCS'"
SecRule ARGS:address1|ARGS:address2|ARGS:city|ARGS:firstname|ARGS:lastname|ARGS:state "@containsWord aes_encrypt" \
	"t:none,t:lowercase"
@ Telegram