Just a question if this is a known problem:
I wanted to add some things in Settings/Custom/<head>[html].
I used the example from the help (?):
<meta name="p:domain_verify" content="xxxxxxx"/>.
When saving I get the following error
Error-->TextStatus: error.
In the server logs I get the following message:
Apache error: [client 91.248.82.127] ModSecurity: [file "/etc/httpd/conf/modsecurity.d/rules/tortix/modsec/12_asl_adv_xss_rules.conf"] [line "36"] [id "341256"] [rev "5"] [msg "Atomicorp.com WAF rules: Possible Cross Site Scripting attack (detectXSS)"] [data "{\\x22style\\x22:{\\x22layout\\x22:{\\x22layout\\x22:\\x22topbar-float\\x22,\\x22fixed\\x22:\\x22topbar-fixed\\x22,\\x22wide\\x22: true,\\x22overlay\\x22:true},\\x22skin\\x22:{\\x22skin\\x22:\\x22twilight\\x22,\\x22primary_color\\x22:\\x22goldenrod\\x22,\\x22clear\\x22: \\x22filled\\x22},\\x22font\\x22:{\\x22font\\x22:\\x22inconsolata:400,700|special elite|logo:small|topbar:special elite|sidebar:special elite|subheader: small|styled:inconsolata\\x22},\\x22logo\\x22:{\\x22enabled\\x22:true,\\x22title\\x22:\\x22hpd photo gallery\\x22,\\x22use_image\\x22:. .."] [severity "CRITICAL"] Access denied with code 403 (phase 2). XSS detected using libinjection. [hostname "pictures.hapede.de"] [uri "/panel/x3_settings.php"] [unique_id "ZxO6C7uPoxaMTgVRx4c5tQAAABI"], referer: https://pictures.hapede.de/panel/
This is not a problem for me, but maybe someone knows what the problem is.
Thanks.