Background Request

Hi @danishhaidri,

This is caused by Wordfence finding potentially malicious content within the background request.

Can you let me know what plugin you were using when this warning appeared?

This is usually caused when you are typing in special characters such as < or > within a form and submitting it.

If you trust the plugin you were using when that warning appeared, you can safely whitelist the action.

However, if that warning just appeared randomly, and you don’t know what plugin is causing it, can you follow these steps?

1. Go to Wordfence -> Tools -> Live Traffic
2. You should be able to find a blocked row
3. Expand that row, and see why the connection was blocked

Dave

Hi Dave,
Thank you for your reply. This is what I see:

blocked by firewall for SQL Injection in POST body: data=%3Cp%3E%5Bvc_row%5D%5Bvc_column%5D%5Bvc_custom_heading%20text%3D%22%26gt%3B%26gt%3B%20Ramadan%20Kare… at https://www.jobsfornationals.com/wp-admin/admin-ajax.php

This is me logging in. I have never had these errors before. What should I do? Should I just select the ‘whitelist param from firewall’?

Hi again,

I took a look at that query string, and it looks like it’s from the plugin, Visual Composer.

If you’re using that plugin, you can safely whitelist that parameter in the firewall.

You can also whitelist it manually by…

1. Going to Wordfence -> All Options
2. Scroll down until you see Whitelisted URLs
3. Put / for the URL
4. Select Param Type: POST Body
5. Put data for the Param Name
6. Click Add, and then Save Changes

Dave