Issue with Elementor Pro

  • Resolved RicardoRVM

    (@ricardorvm)


    4 years, 7 months ago

    Hello:

    I have an incompatibility problem between Complianz plugin and Elementor Pro. If both are active, the front page of my website disappears and gives a 403 Forbidden error. It only happens on the front page (https://alnus.eltallerdeagitalo.es/) and not on other pages of the website (https://alnus.eltallerdeagitalo.es/quienes-somos/, for example). It is strange, because I have both plugins installed on many websites and they work correctly, even on the same server, but on this website they seem to be incompatible. I have sent this report to Elementor, in case it is a problem of theirs.

    Best regards

    • This topic was modified 4 years, 7 months ago by RicardoRVM.

    The page I need help with: [log in to see the link]

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Contributor Jarno Vos

    (@jarnovos)

    4 years, 6 months ago

    Hi @ricardorvm,

    We use Elementor & Complianz on our own sites as well, and haven’t received other reports about this. As you also state that the combination works fine on your other sites, I’d assume that the issue is isolated to this specific environment.

    The 403 Forbidden error means that the server understood the request, but that the access is denied. In most cases, this is related to security plugins/strict security settings.

    Do you know of any security plugins/settings that might differ from your other environments? I would recommend starting there.

    Just let me know if you have any updates about this.
    Kind regards,
    Jarno

    Thread Starter RicardoRVM

    (@ricardorvm)

    4 years, 6 months ago

    Hello:

    Well, since I also have Complianz running with Elementor pro on numerous websites, and what you tell me about security, I have changed the modsecurity firewall on the server from enabled to detection only, and now the website loads perfectly.

    It’s a bit weird, actually, because on the same server I have two other websites working fine with both plugins.

    I found this in the modsecurity log about a 403 response that I’m unable to understand:

    --efa92453-F--
HTTP/1.1 403 Forbidden
Content-Length: 243
Connection: close
Content-Type: text/html; charset=iso-8859-1

--efa92453-H--
Message: Access denied with code 403 (phase 2). Matched phrase "w00tw00t.at.blackhats.romanian.anti-sec" at REQUEST_FILENAME. [file "/etc/httpd/conf/modsecurity.d/rules/comodo_free/03_Global_Agents.conf"] [line "38"] [id "211010"] [rev "1"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site||194.35.43.200|F|1"] [data "/w00tw00t.at.blackhats.romanian.anti-sec:)"] [severity "ALERT"] [tag "CWAF"] [tag "Agents"]
Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client 139.59.140.199] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "w00tw00t.at.blackhats.romanian.anti-sec" at REQUEST_FILENAME. [file "/etc/httpd/conf/modsecurity.d/rules/comodo_free/03_Global_Agents.conf"] [line "38"] [id "211010"] [rev "1"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site||194.35.43.200|F|1"] [data "/w00tw00t.at.blackhats.romanian.anti-sec:)"] [severity "ALERT"] [tag "CWAF"] [tag "Agents"] [hostname "194.35.43.200"] [uri "/w00tw00t.at.blackhats.romanian.anti-sec:)"] [unique_id "XidFeqWYREgK7fPzxB0powAAAI4"]
Action: Intercepted (phase 2)
Stopwatch: 1579631994099724 4647 (- - -)
Stopwatch2: 1579631994099724 4647; combined=893, p1=597, p2=229, p3=0, p4=0, p5=67, sr=144, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.3 (http://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"

    Regards

    • This reply was modified 4 years, 6 months ago by RicardoRVM.
    Plugin Contributor Jarno Vos

    (@jarnovos)

    4 years, 6 months ago

    Hi @ricardorvm,

    The attached log looks unrelated, a quick Google search on the matched phrase “w00tw00t.at…” mentioned reveals that this might have been a request made by a bot/tool that tried scanning your website (but the request was blocked).

    But just to confirm, with the current configuration this works as intended?

    Kind regards,
    Jarno

    Thread Starter RicardoRVM

    (@ricardorvm)

    4 years, 6 months ago

    Hello, Jarno:

    Yes, it works now. What happens is that it’s a bit weird that other websites with the same plugins work on the same server, and for this one I have to lower the security.

    But it works.

    Thanks and best regards

    Plugin Contributor Mathieu Paapst

    (@paapst)

    4 years, 6 months ago

    Hi @ricardorvm

    Great to hear that your issue is resolved! Could you tell us what you think of the plugin or the support by casting your Review here? We’d love to hear your feedback!

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Issue with Elementor Pro’ is closed to new replies.

Tags