Cannot edit recipes – ModSecurity error

  • Resolved evisionarts

    (@alixmaryo)


    10 months, 4 weeks ago

    Hi there, I can no longer edit recipes. I can create them, but not edit them. I get a server 500 error. When I looked at the error logs there is a security warning:

    ModSecurity: Warning. detected SQLi using libinjection with fingerprint ‘n&nk1’ [file
    “/etc/modsecurity/mod_sec3_CRS/REQUEST-942-APPLICATION-ATTACK-SQLI.conf”] [line “65”] [id “942100”] [msg “SQL Injection Attack Detected via libinjection”] [data “Matched Data: n&nk1 found within ARGS:recipe.ingredients.ingredients.ingredients.ingredients.name: Juice and zest from 1 lemon”] [severity “CRITICAL”] [ver “OWASP_CRS/3.3.2”]

    and

    ModSecurity: Access denied with code 418 (phase 2). Operator GE matched 7 at TX:anomaly_score. [file “/etc/modsecurity/mod_sec3_CRS/REQUEST-949-BLOCKING-EVALUATION.conf”] [line “93”] [id “949110”] [msg “Inbound Anomaly Score Exceeded (Total Score: 10)”] [severity “CRITICAL”] [ver “OWASP_CRS/3.3.2”]

    I’m using WP Recipe Maker Version 9.3.1 and WordPress 6.5 on dreamhost.

    Thank you for any help you can provide. – Mary

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Brecht

    (@brechtvds)

    Hi Mary,

    Looks like a ModSecurity rule that your webhost set up. I recommend contacting them to check what it’s triggering on.

    Thread Starter evisionarts

    (@alixmaryo)

    Whoops, sorry, just realized I forgot to come back and update this. Brecht was right, it was a ModSecurity rule the webhost had set up that caused the problem and they were able to fix it for me. Hope this helps anyone who has the same issue.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Cannot edit recipes – ModSecurity error’ is closed to new replies.