Using the stock rules.conf with mod_security. One of the rules is:
SecFilterSelective REQUEST_URI "\.php(3|4|5)?(\?|&).*=(ht|f)tps?:/.*(\?|&)"
When I try to go to the following URL, mod_security blocks it:
I'm no expert in regular expressions by any means and am trying to figure out what part of the URL is setting it off. Is it the & in the rule being triggered by the numbers in the URL? Is there any harm in just commenting out this rule?