mod_security says "remote file access attempt", severity "critical", tag "web attack/file injection" data "/etc/"
now that's scary enough and I am happy that mod_security blocks that type of request. or should it?
what is the proper way?
- ISPC3 code to be modified not to trigger any modsecurity alerts (currently I do not know if the ajax functions in ISPC are a potential vulnerability?)
- modify mod_security rules to allow these requests from ISPC panel.