AspDotNetStorefront 22.214.171.124 fails with ModSecurity
by hbopuri on Tuesday, 29 September 2015
Currently rated 5 by 1 people
ModSecurity is an open-source web application firewall that has been widely deployed on Apache based web servers to protect web applications from security vulnerabilities and has recently been made available in a stable version for IIS based servers from version 7.X and above.
When I installed ModSecurity on my IIS and configured ASPDNSF 126.96.36.199, it was failing to log in to the application. After lot of troubleshooting, I found that ModSecurity is blocking the sign in request, due to potential SQL injection attach threat in ASPDNSF code.