Is WAF Triggering a False Positive? - Why?

Hello,

I installed Mautic.org an open-source automated marketing platform on a subdomain. I found when trying to save a submission when creating a landing page, I’m getting a 404 error in the console, and the page freezes.

Funneling down in the inspector I get the following error message locally.

Chrome Console Error

Opening and looking at the WAF logs, I see my submission generating the following entry.

Can someone explain what is happening and where the error belongs whether Cloudflare or Mautic?

The **“Please enable cookies.”**at the top of the console page is confusing as I checked and cookies exist and are being written in the browser.

In Mautic, if before saving I enter the page builder first, then come back and save the new page, it works.

Disabling WAF on the subdomain solves the problem.

Can someone point me in the proper direction to understanding what’s wrong and where it needs to be fixed?

Thanks,
John Wick

Usually this operation involves uploading a bunch of HTML codes with the <script> tag, and this is why most probably the request will trigger OWASP ruleset.

You can try to bypass the WAF for POST requests to /s/pages/new, like this:

3 Likes

Hi Eric,

That worked perfectly, thank you!

I’ll relay this information to the team over at Mautic to see if they can fix this from having to go this route.

Kind Regards,
John Wick

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.