Guys, could you please explain, why Magento adds the following rules in .htaccess by default:
<IfModule mod_security.c>
##########################################
#disable POST processing to not break multiple image upload
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
It is pretty fondly to disable the WAF and to believe that the Application is secure.
If mod_security conflicts with something, a specific URI or smth like that should be excluded from the WAF.
Do you have any idea?
