Actually already did and that what they wrote me:

==============================
We've found out that the ModSecurity rule "211540" triggered on "WebShop/index.php?rt=catalog/download&s=admin123&token=nVh5dB1bBaQJyspZwWYq6KwdtxBfmI89" request - "SQL Injection Attack"

[Mon Feb  4 09:18:04 2019] [error] [client 5.102.238.211] ModSecurity: Access denied with code 403, [Rule: 'ARGS|ARGS_NAMES|REQUEST_COOKIES|REQUEST_COOKIES_NAMES|XML:/*|!ARGS:/body/|!ARGS:/content/|!ARGS:customized|!ARGS_NAMES:dynamic_object[object_type]|!ARGS:desc|!ARGS:/description/|!ARGS:/message/|!ARGS_NAMES:object_id|!ARGS_POST:object_id|!ARGS:/password/|!ARGS_NAMES:/password/|!ARGS_NAMES:/product_main_image_data\[\d+]\[object_id]/|!ARGS:Post|!ARGS:text|!REQUEST_COOKIES:/__utm/|!REQUEST_COOKIES:/_pk_ref/|!ARGS:sql_query|!ARGS_NAMES:column_name' '(?i:\b(?:t(?:able_name\b|extpos[^a-zA-Z0-9_]{1,}\()|(?:a(?:ll_objects|tt(?:rel|typ)id)|column_(?:id|name)|mb_users|object_(?:id|(?:nam|typ)e)|pg_(?:attribute|class)|rownum|s(?:ubstr(?:ing){0,1}|ys(?:c(?:at|o(?:lumn|nstraint)s)|dba|ibm|(?:filegroup|object|(?:process|tabl)e)s))|user_(?:group|password|(?:ind_column|tab(?:_column|le)|user|(?:constrain|objec)t)s)|xtype[^a-zA-Z0-9_]{1,}\bchar)\b)|(?:\b(??:instr|locate)[^a-zA-Z0-9_]{1
 ,}\(|(?:attnotnull|c(?:harindex|onstraint_type)|m(?:sys(?:column|object|relationship|(?:ac|queri)e)s|ysql\.(db|user))|s(?:elect\b.{0,40}\b(?:ascii|substring|users{0,1})|ys\.(?:all_tables|tab|user_(?:c(?:atalog|onstraints)|(?:object|t(?:ab(?:_column|le)|rigger)|view)s)))|waitfor\b[^a-zA-Z0-9_]{0,}?\bdelay)\b)|@@spid\b))'] [id "211540"] [rev "12"] [msg "COMODO WAF: Blind SQL Injection Attack"] [logdata "Matched Data: rowNum found within {"table_id":"download_grid","sortname":"name","sortorder":"desc","selrow":null,"page":1,"rowNum":20,"postData":{"_search":false,"nd":1549293437529,"rows":20,"page":1,"sidx":"name","sord":"desc"},"search":false}: {"table_id":"download_grid","sortname":"name","sortorder":"desc","selrow":null,"page":1,"rowNum":20,"postData":{"_search":false,"nd":1549293437529,"rows":20,"page":1,"sidx":"name","sord":"desc"},"search":false}"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"]
==============================

What is that? A bug?
Why did it happen? What shall be done to prevent it from happening again?

Thank you,

David

Hi,

In the previous post my WebShop was called with some parameters:
    https://dalsoft.com/WebShop/index.php?rt=product/search&keyword=a&category_id=0

Is there documentation describing supported parameters for an AbanterCart's created shop?

May be by invoking the site in a certain way would produce the desirable affect.

Thank you,

David

Looks good, thank you!

But how do I force this order during the default invocation - right after invoking "https://dalsoft.com/WebShop/" ?

I have it set to "Price High>Low".

Is that the parameter that I shall use to affect the products listing in the Web Shop?

Hi,

Unable to establish desirable order of the products as they appear on the AbanterCart's created shop.

Parameter from
 System->Settings->General->Sort Products as default by
seems to have no effect at all ( try all of them ) - the products appear in the order they were introduced and stay that way.

What shall be done?

Thank you,

David

Hi,

When using the AbanteCart-created shop on ( Android ) tablet, the icon displayed is always one that belongs to AbanteCart ( works fine on a workstation ). I tried to use as an icon png and icon files, doesn't make any difference. Actually sometimes during initialization on a tablet, the custom icon appears for short time being promptly replaced by the AbanteCart icon.

What could cause that and how to fix?

Thank you,

David

Attached

I tried to delete it but getting:

Warning: This content cannot be deleted as it is currently assigned as the default store account terms!

.
Which in fact is an error message as it refuses to delete the item.

If not delete, can I at least move it out to become a main level and not a sub-level item.