panfor
Forum Replies Created
So I’m working with my hosting company (OVH) on disabling this rule in ModSecurity. Thank you for helping me find a solution. We can consider this topic closed.
Thanks.
👍 I think I have found a related entry in the error log:
[Wed Oct 06 13:49:30 2021] [error] [client 5.184.65.239] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\btable_name\\b" at ARGS_NAMES:table_name. [file "/usr/local/apache2/conf/modsecurity/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "197"] [id "959914"] [rev "2.1.1"] [msg "Blind SQL Injection Attack"] [data "table_name"] [severity "CRITICAL"] [tag "WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "XXXXX"] [uri "/kontag/wp-admin/admin.php"] [unique_id "YV2NSqIx7y7Fx3fusNdh4gAAAEo"]

Mod_security doesn’t like the phrase “table_name”… What can I do with that?
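An added example, not part of the original posts: a small parser for ModSecurity 2.x entries in the Apache error log, like the one quoted above, that groups blocked requests by rule id and URI and renders a rule removal scoped to that one URI rather than a server-wide disable. The function names are hypothetical and the sample log is constructed from the quoted entry with a documentation IP address and placeholder hostname and unique_id.

```python
import re
from collections import defaultdict

# Constructed sample modelled on the entry quoted above; line 2 is unrelated noise.
SAMPLE_LOG = r'''
[Wed Oct 06 13:49:30 2021] [error] [client 203.0.113.7] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\btable_name\\b" at ARGS_NAMES:table_name. [file "/usr/local/apache2/conf/modsecurity/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "197"] [id "959914"] [rev "2.1.1"] [msg "Blind SQL Injection Attack"] [data "table_name"] [severity "CRITICAL"] [tag "WEB_ATTACK/SQL_INJECTION"] [tag "PCI/6.5.2"] [hostname "example.test"] [uri "/kontag/wp-admin/admin.php"] [unique_id "PLACEHOLDER"]
[Wed Oct 06 13:50:02 2021] [error] [client 203.0.113.7] File does not exist: /var/www/favicon.ico
'''

# [key "value"] metadata pairs; the quoted value may contain escaped characters.
META = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')
# Action ("Access denied" or "Warning") and the variable the operator matched at.
HEAD = re.compile(r'ModSecurity: (Access denied|Warning)[^.]*\..*? at (\S+?)\. \[')

def parse_line(line):
    """Return a dict for a ModSecurity entry, or None for any other log line."""
    head = HEAD.search(line)
    if not head:
        return None
    event = {"action": head.group(1), "variable": head.group(2), "tags": []}
    for key, value in META.findall(line):
        if key == "tag":
            event["tags"].append(value)   # tag repeats, so collect all of them
        else:
            event[key] = value
    return event

def scoped_exclusions(log_text):
    """Render one Apache <LocationMatch> rule removal per (rule id, URI) that was blocked."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev and ev["action"] == "Access denied" and "id" in ev and "uri" in ev:
            hits[(ev["id"], ev["uri"])].add(ev["variable"])
    blocks = []
    for (rule_id, uri), variables in sorted(hits.items()):
        blocks.append(
            f'# rule {rule_id} matched at {", ".join(sorted(variables))}\n'
            f'<LocationMatch "^{re.escape(uri)}$">\n'
            f'    SecRuleRemoveById {rule_id}\n'
            f'</LocationMatch>'
        )
    return blocks

if __name__ == "__main__":
    print("\n\n".join(scoped_exclusions(SAMPLE_LOG)))
```

The generated block only lifts rule 959914 for `/kontag/wp-admin/admin.php`; the rule keeps inspecting every other path on the server.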
mod_security is active, but in the error log there are no 403 errors associated with wpda requests. In addition, other WordPress installations (on the same server) run plugins that use Ajax without any problem. Thanks.
No, I have removed all plugins. There is only WordPress core and WP Data Access.
Thanks.
Thanks…
and the response is the HTML code of a 403 Forbidden error:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access this resource.</p>
</body></html>