
Originally Posted by
YourHostingCompany
Access denied with code 406 (phase 2). Pattern match "(?:\b(?:(?:s(?:elect\b(?:.{1,100}?\b(?:(?:length|count|top)\b.{1,100}?\bfrom|fr om\b.{1,100}?\bwhere)|.*?\b(?:d(?:ump\b.*\bfrom|ata_type)|(?:to_(?:numbe|cha)|in st)r))|p_(?:(?:addextendedpro|sqlexe)c|(?:oacreat|prepar)e|execute(?:sql)?|makew ebtask)|ql_(? ..." at ARGS:name. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "83"] [id "950001"] [msg "SQL Injection Attack. Matched signature <and 1=>"] [severity "CRITICAL"]
Mod_sec is always gonna nail you on this before it gets to Zen cart which also would have done nothing with it as it scrubs the input before taking action