Problem with payment gateway

  • Resolved ExpertLink

    (@expertlink)


    10 years, 10 months ago

    Hi there
    With FW enabled I have a problem with my payment gateway while submitting the payment information back to my site:

    Anfrageparameter gesendet :
    orderID=GymWear%5F46498%5F125&currency=CHF&amount=418&PM=PostFinance+Card&ACCEPTANCE=123456&STATUS=9&CARDNO=&ED=&TRXDATE=07%2F10%2F15&PAYID=43708292&NCERROR=0&BRAND=PostFinance+Card&CREDITDEBIT=&IPCTY=CH&CCCTY=CH&ECI=5&CVCCheck=&VC=&COMPLUS=dd24967db50f7c42e1bc58e1efa0162f0940274f&IP=188%2E60%2E13%2E49&cw%5Ftransaction%5Fid=46498%5F125&cw%5Ftransaction%5Ftoken=47d6951f9bb7012ca3ef5a26485c5258b6e6be9a&SHASIGN=0A762661FFBA564086B7B61A517978BAC4566FF3ED1E7DBB21E6D7756FEBE1C6299694DB4ECC07E029E0EC3AD57D2B6567C4A1D764ECDF8F55786326823A4D45
    HTTP/1.1 403 Forbidden

    Any specific setting to avoid this problem?

    Thank you for support,
    Frank

    https://ww.wp.xz.cn/plugins/ninjafirewall/

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Author nintechnet

    (@nintechnet)

    10 years, 10 months ago

    Hi,

    Can you check the firewall log (NinjaFirewall > Firewall Log) and paste here the line showing why it blocked you?

    Thread Starter ExpertLink

    (@expertlink)

    10 years, 10 months ago

    seams to be this line:

    10/Jul/15 16:46:59 #8404910 medium 531 212.23.45.97 POST /wp-content/plugins/woocommerce_postfinancecw/endpoint.php – Suspicious bots/scanners – [HTTP_USER_AGENT = Mozilla/3.0 (compatible; Indy Library)]

    Plugin Author nintechnet

    (@nintechnet)

    10 years, 10 months ago

    “Mozilla/3.0 (compatible; Indy Library)” is a rather old browser signature, that is why it is marked as a bot/scanner.

    You will need to go to “Firewall Policies > HTTP_USER_AGENT server variable” and disable “Block suspicious bots/scanners”.

    Thread Starter ExpertLink

    (@expertlink)

    10 years, 10 months ago

    yes, this works!

    Thank you for this quick solution.

    Best regards,
    Frank

    Thread Starter ExpertLink

    (@expertlink)

    10 years, 10 months ago

    sorry, resolved

    Thread Starter ExpertLink

    (@expertlink)

    10 years, 8 months ago

    Hi there

    The firewall is blocking one of my PCs while logging in as admin.
    The log message is:
    #5264168 high 109 81.221.159.213 POST /wp-login.php – XSS (leading greater-than sign) – [POST:pwd = > …

    Any idea what I can do there?

    Thanks,
    Frank

    Plugin Author nintechnet

    (@nintechnet)

    10 years, 8 months ago

    Hi,

    You either need to disable rules 109 with the built-in “Rules Editor” or to change your password and ensure it does not contain either a leading quote (‘) or a leading greater-than sign (>) because both are often used to perform XSS or SQL injection from a HTML form.

Viewing 7 replies - 1 through 7 (of 7 total)

The topic ‘Problem with payment gateway’ is closed to new replies.