Wordfence blocking BBPress post for SQL injection?

  • Resolved punkum

    (@punkum)


    4 years, 3 months ago

    Hi
    I have been posting to a private BBPress blog that I also manage/host daily for years.
    I use two different logins
    – one as ADMIN to run the site
    – one as USER to post my daily post, and there are 4 others who also post.

    TODAY – for the first time ever, my post (as User) was blocked. Traffic logging shows:

    and was blocked by firewall for SQL Injection in POST body: bbp_reply_content=Kate%20-%20health%20%26amp%3B%20safety%20ALWAYS%20come%20first…

    I tried several times. I tried logging out and back in to our site.

    What is the problem? How do I fix this?
    tx

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter punkum

    (@punkum)

    Additional Info: Tried posting as the Admin exact same content, same computer – no problem.

    Plugin Support wfpeter

    (@wfpeter)

    Hi @punkum, thanks for the information so far and reaching out to us.

    Can you please share the full details of the block in Wordfence > Tools > Live Traffic? Because the message above is truncated, I can’t see whether there is a real attempt at hijacking the POST with SQL injection code. Please share the expanded details, this will give us an idea of whether this is a false positive or not. Feel free to use Snipboard if it’s not easy to copy and format the text here.

    Does your admin user appear on any whitelist/allowlist that might cause it to have skipped Wordfence rules when posting?

    Thanks,

    Peter.

    Plugin Support wfpeter

    (@wfpeter)

    Hi @punkum,

    As I haven’t heard back from you in a while this issue may no longer be present for you. Please don’t hesitate to start a new topic if you have Wordfence issues in the future and we will be glad to help out.

    Thanks,

    Peter.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Wordfence blocking BBPress post for SQL injection?’ is closed to new replies.