I have the latest moodle version. Our servers administrator uses a Web Application Firewall on all of the servers.
We are facing a problem at the moodle server, as the firewall blocks most of the moodle EDITING actions; for example if I want to edit a Label, when I go to save it the firewall blocks this action as an Sql Injection issue!!
When I try to upload an image within a label the system allows me to upload the image but when I want to save the label the firewall blocks this action for Known Exploits Error!!
The firewall blocks our moodle in the following categories:
Cross Site Scripting,SQL Injection,Generic Attacks, and Known Exploits. To make moodle works, we are forced to disable the firewall which exposing it to threats.
Could you please inform me if there are any actions that I should do before applying a web application firewall of my moodle server.