Problem with Sourcebuster JS and ModSecurity

You included Sourcebuster JS in Woo 5.8.1.
It generates sbjs_ cookies that are causing conflicts with the Server’s ModSecurity.
ModSecurity understands these cookies as an attempted SQLmap attack, blocking the user.

[Tue Jan 16 10:53:08.566527 2024] [:error] [pid 3128216:tid 139630066206464] [client 168.xxx.xx.xxx:55286] [client 168.xxx.xx.xxx] ModSecurity: Access denied with code 403 (phase 2). Pattern match “[\\[\\]\\x22′,()\\.]{10}$|\\b(?:union\\sall\\sselect\\s(?:(?:null|\\d+),?)+|order\\sby\\s\\d{1,4}|(?:and|or)\\s\\d{4}=\\d{4}|waitfor\\sdelay\\s’\\d+:\\d+:\\d+’|(?:select|and|or)\\s(?:(?:pg_)?sleep\\(\\d+\\)|\\d+\\s?=\\s?(?:dbms_pipe\\.receive_message\\ …” at REQUEST_COOKIES:sbjs_current_add. [file “/usr/local/apache/modsecurity-cwaf/rules/22_SQL_SQLi.conf”] [line “66”] [id “218500”] [rev “18”] [msg “COMODO WAF: SQLmap attack detected||www.amopatinhas.com.br|F|2”] [data “Matched Data: |||rf=(none) found within REQUEST_COOKIES:sbjs_current_add: fd=2024-01-16 13:53:02|||ep=https:/www.amopatinhas.com.br/|||rf=(none)”] [severity “CRITICAL”] [tag “CWAF”] [tag “SQLi”] [hostname “www.xxxxxxxxxxxxxx.com.br”] [uri “/categoria-produto/meu-pet/cachorro/”] [unique_id “ZaaKRLagWD-rOM7bMCxOnAAAABY”], referer: https://www.xxxxxxxxxxxxxx.com.br/

I downgraded to Woo 8.4.0.

What do I do to be able to use the new version?

• This topic was modified 10 months, 1 week ago by daniloend.