Web Hosting
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WordPress fix Reverse Proxy securiy mod issue

Discussion in 'Misc WordPress Requests' started by alexemakovsk, Oct 17, 2017.

  1. alexemakovsk

    Guest

    Reverse Proxy securiy mod issue, by alexemakovsk

    Hello. Does anyone know what is going on?

    I have a wordpress site, made with Elementor and Generate Press. Works great on my bluehost hosting.
    But my client has in house vpn reverse proxy hosting.
    He has an issue when he enables security mod, where he cant save page in elementor. (I contacted Elementor support they said contact wordpress and find out ” solution in getting mod security to work in such a way it doesn’t affect Elementor or other plugins.”

    Here is what my client wrote:


    Ø I removed the below snippet as Elementor said “you’ll likely fall victim to the same SQL Insertion hack”
    <IfModule mod_security.c>
    SecFilterEngine Off
    SecFilterScanPOST Off
    </IfModule>
    Ø Disable mod_security filter ONLY for admin-ajax.php – I added this in .htaccess file but it didn’t work.
    Ø Remove the “$” at the end of the related phrase in the filter rule – I enabled the rule “SecRule HTTP_Content-Type “!(^$|^application/x-www-form-urlencoded$|^multipart/form-data)” and deleted the last $ – it worked for chrome and FF : Elementor is opening in Chrome and FF. But in IE9 – it’s still not opening and IE11 is throwing the below error in reverse proxy error log:
    Mon Oct 16 15:18:32.229228 2017] [:error] [pid 30931:tid 47390396381504] [client 133.164.69.53] ModSecurity: Warning. Pattern match “\\\\b(\\\\d+) ?= ?\\\\1\\\\b|[\\\\’\\”](\\\\w+)[\\\\’\\”] ?= ?[\\\\’\\”]\\\\2\\\\b phase:2,capture,t:none,t:urlDecodeUni,t:htmlEntityDecode,t:replaceComments,t:compressWhiteSpace,t:lowercase,ctl:auditLogParts=+E,log,auditlog,msg:’SQL Injection'” at REQUEST_HEADERS:Cookie. [file “/u214/ReverseProxydev/Apache_2.4.27/conf/extra/httpd-security.conf”] [line “27”] [hostname “supportdev.fcpa.fujitsu.com”] [uri “/scanzentest/fcpawork/”] [unique_id “WeUwOIWkQAUAAHjTgEIAAADX”]
    We are still checking how to fix with IE. In the meantime can you please contact Elementor to check on the 2nd rule I mentioned previously? i.e., SecRule ARGS “@validateURLEncoding” – while trying to save the work, we are still getting the same error ; it is not getting saved and error log throwing the same error like before.

    Reverse Proxy securiy mod issue
     
    #1

Share This Page

Web Hosting