We noticed that the ModSecurity Core Rule Set was sometimes too restrictive. We have therefore decided to remove the data leak rules (950-954) because they caused false alarms. These rules are intended to prevent an attacker from collecting information about the system, for example when PHP code is returned instead of being executed. We have also deactivated the WAF in the backends of the following CMS systems to simplify the use of our WAF: Neos, TYPO3 and WordPress.
If you notice any problems or have any further questions, do not hesitate to contact us.
Best regards,
your Ops One team
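How the two changes described above can be expressed in a ModSecurity configuration, as an added example that is not Ops One's actual configuration. It assumes Apache with mod_security2 and CRS 3.x numbering, where the data leak rules are the files RESPONSE-950 to RESPONSE-954 with rule IDs 950000-954999; the include paths and the backend path prefixes are assumptions.

```apache
<IfModule security2_module>
    # Assumed install paths; adjust to the local layout.
    Include /etc/modsecurity/crs/crs-setup.conf
    Include /etc/modsecurity/crs/rules/*.conf

    # Remove the outbound data leak rules (CRS 3.x files RESPONSE-950
    # to RESPONSE-954). This directive must come after the rules are
    # loaded, otherwise there is nothing to remove yet.
    SecRuleRemoveById "950000-954999"

    # Switch the rule engine off for the CMS backends only.
    # Assumed path prefixes: /wp-admin (WordPress), /typo3 (TYPO3),
    # /neos (Neos). The "(/|$)" suffix keeps the match on the path
    # segment, so a frontend URL such as /neos-blog is still inspected.
    <LocationMatch "^/(wp-admin|typo3|neos)(/|$)">
        SecRuleEngine Off
    </LocationMatch>
</IfModule>
```

Requests outside the listed prefixes are still inspected by the remaining request rules; only response-body inspection for leaked source code or error messages is gone site-wide.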