Hi the following in adding xss to .htaccess file
resulted in some customers being baned on buy now if turned into forms and if customer entered an invalid credit card number

find
RewriteCond %{QUERY_STRING} (;|'|"|%22).*(union|select|insert|drop|update|md5| benchmark|or|and|if).* [NC]

im no expert in this but did ask on expert exchange what was causing the problem and above is what they recommended

and replace with
RewriteCond %{QUERY_STRING} (;|'|"|%22).*(union|select|insert|drop|update|md5| benchmark).* [NC]

file uploaded says the same thing




More...