Access denied after search

The log file reports something, like:

cpg=https://[domain]/?s=s%C3%BCdafrika

This seems to trigger the denial of access due to “SQL-Injection”.

• This reply was modified 1 year, 1 month ago by ewerkstatt.

Can you paste here the exact log line showing the blocked request (or a screenshot of it), as I can’t think of anything that would trigger a “SQL injection” rule because of umlauts. ?s=s%C3%BCdafrika isn’t blocked by the firewall.

20/Feb/24 16:31:28 #3763586 HIGH 257 xx.yy.zz.xxx GET /index.php - SQL injection - [COOKIE:sbjs_session = pgs=2|||cpg=https://[domain]/?s=s%C3%BCdafrikaner] - [domain]

Rule number 257. Meanwhile I have disabled that rule and hope, it works for the editors.

In the line I removed only IP address and the domain.

• This reply was modified 1 year ago by ewerkstatt.
• This reply was modified 1 year ago by ewerkstatt.
• This reply was modified 1 year ago by ewerkstatt.

Same problem here! Hungarian language.

28/Feb/24 08:16:00 #5208340 HIGH 257 ***.***.***.*** GET /index.php - SQL injection - [COOKIE:sbjs_session = pgs=7|||cpg=https://www.********.hu/?s=s%C3%A1rk&post_type=product] - www..********.hu

• This reply was modified 1 year ago by peter78.

A new set of rules (2024-02-28.2) was released today, that should fix the issue: go to “NinjaFirewall > Security Rules” and click “Check for updates now”

Yes, the issue is fixed, thank you!

Thank you. I reactivated that rule. Let’s see, what’s going on now.