Requests with object as parameter is getting blocked since of the Rule 949 as anomaly score is higher 5+ for the respective requests. As per definitions requests with score 4+ gets blocked.
Audit Logs / Triggered Rule Numbers
REQUEST-949-BLOCKING-EVALUATION.conf
Your Environment
CRS version (e.g., v3.2.0): v3.0.2
Paranoia level setting:
ModSecurity version (e.g., 2.9.3): v3/master
Web Server and version (e.g., apache 2.4.41): NGINX 1.16.1
Operating System and version: Amazon Linux AMI 2018.03
Framework : SailsJS 1.0
After disabling the rule requests are working as expected, once we enable this blocks all requests with object as input request parameter; whereas string / other types works properly.
Description
Requests with object as parameter is getting blocked since of the Rule 949 as anomaly score is higher 5+ for the respective requests. As per definitions requests with score 4+ gets blocked.
Audit Logs / Triggered Rule Numbers
REQUEST-949-BLOCKING-EVALUATION.conf
Your Environment
After disabling the rule requests are working as expected, once we enable this blocks all requests with object as input request parameter; whereas string / other types works properly.
Kindly assist.