Title: Suspicious Query Strings Bug
Last modified: August 21, 2016

---

# Suspicious Query Strings Bug

 *  Resolved [MikeNGarrett](https://wordpress.org/support/users/mikengarrett/)
 * (@mikengarrett)
 * [12 years, 1 month ago](https://wordpress.org/support/topic/suspicious-query-strings-bug/)
 * I’m running iThemes Security Version 4.2.2 and WordPress 3.9.1 with nginx.
 * I noticed some issues with scripts loading on edit pages in the WP admin. It 
   seems that some of the security features I’ve enabled through the plugin are 
   incompatible with something on the edit page. The only thing out of the ordinary
   is Yoat SEO’s metabox.
 * The following was returning a 403 when editing a post:
    [http://xxx.com/wp-admin/load-scripts.php?c=1&load%5B%5D=jquery-core,jquery-migrate,utils,quicktags,jquery-ui-core,jquery-ui-widget,jquery-ui-mouse,jquery-ui-sortable,postbox,underscore&load%5B%5D=,backbone,wp-util,wp-backbone,media-models,plupload,json2,wp-plupload,mediaelement,wp-mediaelement,media-views&ver=3.9.1](http://xxx.com/wp-admin/load-scripts.php?c=1&load%5B%5D=jquery-core,jquery-migrate,utils,quicktags,jquery-ui-core,jquery-ui-widget,jquery-ui-mouse,jquery-ui-sortable,postbox,underscore&load%5B%5D=,backbone,wp-util,wp-backbone,media-models,plupload,json2,wp-plupload,mediaelement,wp-mediaelement,media-views&ver=3.9.1)
 * I disabled the following lines in my nginx config:
    # location ^wp-includes/(.*).
   php { deny all; } # location ^/wp-admin/includes(.*)$ { deny all; } # if ($args
   ~* “(globals|encode|localhost|loopback)”) { set $susquery 1; } # if ($args ~*“(
   request|select(?!ed)|insert|concat|union|declare)”) { set $susquery 1; } # if(
   $args ~* “(%0|%A|%B|%C|%D|%E|%F)”) { return 403; }
 * This seems to have fixed the issue, but I’m not entirely sure what it may have
   been as none of these args or locations was in the request.
 * [https://wordpress.org/plugins/better-wp-security/](https://wordpress.org/plugins/better-wp-security/)

Viewing 1 replies (of 1 total)

 *  [iThemes Support](https://wordpress.org/support/users/ithemes-support/)
 * (@ithemes-support)
 * [12 years, 1 month ago](https://wordpress.org/support/topic/suspicious-query-strings-bug/#post-4902706)
 * Hi,
 * Try updating your rules (resave your settings) as those rules were modified in
   an update a few weeks ago to address the issue.

Viewing 1 replies (of 1 total)

The topic ‘Suspicious Query Strings Bug’ is closed to new replies.

 * ![](https://ps.w.org/better-wp-security/assets/icon.svg?rev=3529351)
 * [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection](https://wordpress.org/plugins/better-wp-security/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/better-wp-security/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/better-wp-security/)
 * [Active Topics](https://wordpress.org/support/plugin/better-wp-security/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/better-wp-security/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/better-wp-security/reviews/)

## Tags

 * [nginx](https://wordpress.org/support/topic-tag/nginx/)
 * [Yoast](https://wordpress.org/support/topic-tag/yoast/)

 * 1 reply
 * 2 participants
 * Last reply from: [iThemes Support](https://wordpress.org/support/users/ithemes-support/)
 * Last activity: [12 years, 1 month ago](https://wordpress.org/support/topic/suspicious-query-strings-bug/#post-4902706)
 * Status: resolved