• cvandijk

    (@cvandijk)


    I’m having an issue with my WordPress. I had built a site for a client, we were in the editing mode. I had the pages built but we were making changes to the content. I started having problems with the pages suddenly not saving. When I hit the update button, I got a 404 code saying the page didn’t exist. I won’t hit the back button and try again. I am using WPBakery page builder. So I would use a different element, sometimes it worked and sometimes it didn’t. But it got to the point that it stopped allowing me to save. I saved the permalinks again, removed the theme and un-installed the plugins. Nothing worked. When I contacted the hosting company, they said it was because of WordPress and were not willing to help. I figured it was too. So yesterday, I completely removed the entire site and started over. New install, new database. I also used a different theme. This theme also uses WPBakery – which btw I don’t think is the problem, I’m only telling you this so you have all the information. Everything was working fine. Then, as I was rebuilding the home page, it started happening again. This time I knew it was not because of what I was doing.

    So I contacted the hosting company again and asked them to check the error log. And this is their response:

    I have tried recreating the error from your Dashboard and it looks like the mod_security error is causing the problem. I have checked the server logs and found the below information:

    
    [Sat Nov 10 22:01:15.594513 2018] [:error] [pid 25405:tid 140369341634304] [client 69.18.23.103:65010] [client 69.18.23.103] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "academyforhealthmastery.com"] [uri "/wp-admin/post.php"] [unique_id "W@ebe-R6bR3Yhq59jdLBiAAAAMY"], referer: https://academyforhealthmastery.com/wp-admin/post.php?post=16&action=edit
    [Sat Nov 10 22:01:16.886031 2018] [:error] [pid 25405:tid 140369341634304] [client 69.18.23.103:65010] [client 69.18.23.103] ModSecurity: Warning. Operator GE matched 5 at TX:inbound_anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/RESPONSE-980-CORRELATION.conf"] [line "37"] [id "980130"] [msg "Inbound Anomaly Score Exceeded (Total Inbound Score: 10 - SQLI=0,XSS=10,RFI=0,LFI=0,RCE=0,PHPI=0,HTTP=0,SESS=0): NoScript XSS InjectionChecker: HTML Injection"] [tag "event-correlation"] [hostname "academyforhealthmastery.com"] [uri "/cgi-sys/ea-php56/index.php"] [unique_id "W@ebe-R6bR3Yhq59jdLBiAAAAMY"], referer: https://academyforhealthmastery.com/wp-admin/post.php?post=16&action=edit
    

    So the mod_security id:949110 and id:980130 are getting triggered and are causing the error. Mod_security is an Apache module that helps to protect your website from various attacks. It is used to block commonly known exploits by use of regular expressions and rule sets and is enabled on our servers by default. Mod Security scans for violations of the rules it has set. If an action occurs that violates one of these rules, the server will throw a 403 error.

    More details:

    
    SecRule TX:ANOMALY_SCORE "@ge %{tx.inbound_anomaly_score_threshold}" "msg:'Inbound Anomaly Score Exceeded (Total Score: %{TX.ANOMALY_SCORE})', severity:CRITICAL, phase:request, id:949110, t:none, deny, log, tag:'application-multi', tag:'language-multi', tag:'platform-multi', tag:'attack-generic', setvar:tx.inbound_tx_msg=%{tx.msg}, setvar:tx.inbound_anomaly_score=%{tx.anomaly_score}"

    SecRule TX:INBOUND_ANOMALY_SCORE "@ge %{tx.inbound_anomaly_score_threshold}" "phase:logging, id:980130, t:none, log, noauditlog, pass, tag:'event-correlation', msg:'Inbound Anomaly Score Exceeded (Total Inbound Score: %{TX.INBOUND_ANOMALY_SCORE} - SQLI=%{tx.sql_injection_score},XSS=%{tx.xss_score},RFI=%{tx.rfi_score},LFI=%{tx.lfi_score},RCE=%{tx.rce_score},PHPI=%{tx.php_injection_score},HTTP=%{tx.http_violation_score},SESS=%{tx.session_fixation_score}): %{tx.inbound_tx_msg}'"
    

    Since the severity of the issue is CRITICAL we are unable to permanently white-list your domain from these rules. So please check this with your website developer and rectify the cause for this issue as our support on coding is very limited.

    _________________________

    I responded back that because this is a completely new install with new plugins and theme and I’m still getting this response, the issue is being created on the server. I need help either telling the hosting company what to do because they are not being helpful or what I can do on my site to fix this issue.
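
As the two SecRule definitions quoted above show, rules 949110 and 980130 only compare and report the accumulated anomaly score; the per-category breakdown on the 980130 line shows which detection category produced it. The following is an added example, not part of the thread or the host's tooling: it parses abridged copies of the two quoted log lines and groups them by `unique_id` (the function names and report keys are assumptions made for this illustration).

```python
import re

# Abridged copies of the two log lines quoted in the post (unparsed fields dropped).
SAMPLE_LOG = [
    'ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at '
    'TX:anomaly_score. [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] '
    '[uri "/wp-admin/post.php"] [unique_id "W@ebe-R6bR3Yhq59jdLBiAAAAMY"]',
    'ModSecurity: Warning. Operator GE matched 5 at TX:inbound_anomaly_score. [id "980130"] '
    '[msg "Inbound Anomaly Score Exceeded (Total Inbound Score: 10 - SQLI=0,XSS=10,RFI=0,'
    'LFI=0,RCE=0,PHPI=0,HTTP=0,SESS=0): NoScript XSS InjectionChecker: HTML Injection"] '
    '[uri "/cgi-sys/ea-php56/index.php"] [unique_id "W@ebe-R6bR3Yhq59jdLBiAAAAMY"]',
]

FIELD = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')
THRESHOLD = re.compile(r'Operator GE matched (\d+) at TX:')
BREAKDOWN = re.compile(r'\(Total Inbound Score: (\d+) - ([^)]*)\): (.*)')

def parse_line(line):
    """Return the [key "value"] fields of one ModSecurity error-log line."""
    fields = {}
    for key, value in FIELD.findall(line):
        fields.setdefault(key, value)  # keep the first occurrence (tags repeat)
    m = THRESHOLD.search(line)
    if m:
        fields["threshold"] = int(m.group(1))  # the value the score was compared to
    fields["denied"] = "Access denied" in line
    return fields

def summarize(lines):
    """Group events by unique_id and report what drove the anomaly score."""
    report = {}
    for fields in map(parse_line, lines):
        tx = report.setdefault(fields.get("unique_id"), {"denied": False, "categories": {}})
        tx["denied"] = tx["denied"] or fields["denied"]
        if fields["denied"]:
            tx["uri"] = fields.get("uri")  # the request that was actually blocked
        tx["threshold"] = fields.get("threshold", tx.get("threshold"))
        m = BREAKDOWN.search(fields.get("msg", ""))
        if m:  # the 980130 correlation line carries the per-category scores
            tx["total"] = int(m.group(1))
            scores = (pair.split("=") for pair in m.group(2).split(","))
            tx["categories"] = {k: int(v) for k, v in scores if int(v) > 0}
            tx["detection_msg"] = m.group(3)
    return report

if __name__ == "__main__":
    for uid, tx in summarize(SAMPLE_LOG).items():
        print(uid, tx)
```

For the quoted lines the report shows one blocked transaction on `/wp-admin/post.php`, a threshold of 5, a total score of 10, and XSS as the only category with a non-zero score.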

Viewing 1 replies (of 1 total)
  • You said you tried a “new database”. Was it empty or did you import all the content?
    I would start by disabling all plugins and use a base theme. Install the “Health Check” plugin and post its findings.

  • The topic ‘Pages won’t save’ is closed to new replies.