06-25-2012, 06:25 PM
Specifically,
the part of:
Quote:ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\W{4,}" at ARGS:pDescription. [file "/hsphere/local/config/httpd2/modsecurity-core-rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "155"] [id "960024"] [rev "2.2.4"] [msg "SQL Character Anomaly Detection Alert - Repetative Non-Word Characters"] [data " />\\x0d\\x0a-"] [hostname "mywebsitename"] [uri "/xxxxxx/adminprods.php"] [unique_id "T@iWJn8AAAEADQkMVd4AAABK"]
the part of:
Quote:[data " />\\x0d\\x0a-"]translates to a CR;LF in ASCII. (Carriage Return; LineFeed). Check for a spurious return or \r\n in the data you are sending to SQL.