Ilan Shalev

Hello,

I tried to make the filter RTL, but didn’t able to do so.
is there any help about how to do that?

thanks,
Ilan

Hello again,

I found the rules to disabled:
981246
981245
and i disabled theme.
now the plugin works fine!

THANKS!!
I’m AWESOME!

Hello,

I found this on my server (I have a virtual server that I manage):

The security that blocking your script is:
ModSecurity? Tools
The Rule of ModSecurity have an Information:
A vendor configuration file provides this rule. You cannot edit vendor rules. You can enable or disable this rule with the controls below.

this is the rule (and it can not be changed):
SecRule REQUEST_COOKIES|!REQUEST_COOKIES:/__utm/|REQUEST_COOKIES_NAMES|ARGS_NAMES|ARGS|XML:/* “(?i:(?:,.*?[)\da-f\”‘][\"'](?:[\”‘].*?[\"']|\Z|[^\”‘`]+))|(?:\Wselect.+\W*?from)|((?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\s*?\(\s*?space\s*?\())” “phase:request, rev:’2′, ver:’OWASP_CRS/3.0.0′, maturity:’9′, accuracy:’8′, capture, t:none,t:urlDecodeUni, block, msg:’Detects MySQL comment-/space-obfuscated injections and backtick termination’, id:’981257′, tag:’application-multi’, tag:’language-mutli’, tag:’platform-multi’, tag:’attack-sqli’, tag:’OWASP_CRS/WEB_ATTACK/SQL_INJECTION’, logdata:’Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}’, severity:’CRITICAL’, setvar:’tx.msg=%{rule.msg}’, setvar:tx.sql_injection_score=+%{tx.critical_anomaly_score}, setvar:tx.anomaly_score=+%{tx.critical_anomaly_score}, setvar:’tx.%{rule.id}-OWASP_CRS/WEB_ATTACK/SQLI-%{matched_var_name}=%{tx.0}'”

so the only thing i see is attack on the SQL, do you request cookies from the server or from the client? do the request try to go directly to the DB? how many requests do your plugin have in a second?

i still think something is wrong at the code. sorry.

i got this massage from the server log, if it helps:

Log entries:

[Sun Feb 14 12:58:51.444984 2016] [:error] [pid 32633] [client 31.154.158.133] ModSecurity: Access denied with redirection to https://www.shalevsoft.com/ using status 302 (phase 2). Pattern match “(?i:(?:,.*?[)\\\\da-f\\”‘][\\"'](?:[\\”‘].*?[\\"']|\\\\Z|[^\\”‘]+))|(?:\\\\Wselect.+\\\\W*?from)|((?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\\\\s*?\\\\(\\\\s*?space\\\\s*?\\\\())" at REQUEST_COOKIES:yith_wcwl_products. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-42-APPLICATION-ATTACK-SQLI.conf"] [line "82"] [id "981257"] [rev "2"] [msg "Detects MySQL comment-/space-obfuscated injections and backtick termination"] [data "Matched Data: ,\\x22quantity\\x22:1,\\x22wishlist_id\\x22:false}] found within REQUEST_COOKIES:yith_wcwl_products: [{\\x22prod_id\\x22:\\x22341\\x22,\\x22quantity\\x22:1,\\x22wishlist_id\\x22:false}]"] [severity "CRITICAL"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.shalevsoft.com"] [tag "application-multi"] [tag "language-mutli"] [tag "platform-multi"] [tag "attack-sqli"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "www.shalevsoft.com"] [uri "/"] [unique_id "VsBd68B0MQ0AAH95nBkAAAAA"] [Sun Feb 14 12:58:51.494751 2016] [:error] [pid 2019] [client 31.154.158.133] ModSecurity: Access denied with redirection to https://www.shalevsoft.com/ using status 302 (phase 2). Pattern match "(?i:(?:,.*?[)\\\\da-f\\"'][\\”‘](?:[\\"'].*?[\\”‘]|\\\\Z|[^\\"']+))|(?:\\\\Wselect.+\\\\W*?from)|((?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\\\\s*?\\\\(\\\\s*?space\\\\s*?\\\\())” at REQUEST_COOKIES:yith_wcwl_products. [file “/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-42-APPLICATION-ATTACK-SQLI.conf”] [line “82”] [id “981257”] [rev “2”] [msg “Detects MySQL comment-/space-obfuscated injections and backtick termination”] [data “Matched Data: ,\\x22quantity\\x22:1,\\x22wishlist_id\\x22:false}] found within REQUEST_COOKIES:yith_wcwl_products: [{\\x22prod_id\\x22:\\x22341\\x22,\\x22quantity\\x22:1,\\x22wishlist_id\\x22:false}]”] [severity “CRITICAL”] [ver “OWASP_CRS/3.0.0”] [maturity “9”] [accuracy “8”] [tag “Host: https://www.shalevsoft.com”%5D [tag “application-multi”] [tag “language-mutli”] [tag “platform-multi”] [tag “attack-sqli”] [tag “OWASP_CRS/WEB_ATTACK/SQL_INJECTION”] [hostname “www.shalevsoft.com”] [uri “/”] [unique_id “VsBd68B0MQ0AAAfj7SMAAAAR”] [Sun Feb 14 12:58:51.541395 2016] [:error] [pid 1988] [client 31.154.158.133] ModSecurity: Access denied with redirection to https://www.shalevsoft.com/ using status 302 (phase 2). Pattern match “(?i:(?:,.*?[)\\\\da-f\\”‘][\\"'](?:[\\”‘].*?[\\"']|\\\\Z|[^\\”‘]+))|(?:\\\\Wselect.+\\\\W*?from)|((?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\\\\s*?\\\\(\\\\s*?space\\\\s*?\\\\())" at REQUEST_COOKIES:yith_wcwl_products. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-42-APPLICATION-ATTACK-SQLI.conf"] [line "82"] [id "981257"] [rev "2"] [msg "Detects MySQL comment-/space-obfuscated injections and backtick termination"] [data "Matched Data: ,\\x22quantity\\x22:1,\\x22wishlist_id\\x22:false}] found within REQUEST_COOKIES:yith_wcwl_products: [{\\x22prod_id\\x22:\\x22341\\x22,\\x22quantity\\x22:1,\\x22wishlist_id\\x22:false}]"] [severity "CRITICAL"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.shalevsoft.com"] [tag "application-multi"] [tag "language-mutli"] [tag "platform-multi"] [tag "attack-sqli"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "www.shalevsoft.com"] [uri "/"] [unique_id "VsBd68B0MQ0AAAfEvccAAAAI"] [Sun Feb 14 12:58:51.586806 2016] [:error] [pid 982] [client 31.154.158.133] ModSecurity: Access denied with redirection to https://www.shalevsoft.com/ using status 302 (phase 2). Pattern match "(?i:(?:,.*?[)\\\\da-f\\"'][\\”‘](?:[\\"'].*?[\\”‘]|\\\\Z|[^\\"']+))|(?:\\\\Wselect.+\\\\W*?from)|((?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\\\\s*?\\\\(\\\\s*?space\\\\s*?\\\\())” at REQUEST_COOKIES:yith_wcwl_products. [file “/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-42-APPLICATION-ATTACK-SQLI.conf”] [line “82”] [id “981257”] [rev “2”] [msg “Detects MySQL comment-/space-obfuscated injections and backtick termination”] [data “Matched Data: ,\\x22quantity\\x22:1,\\x22wishlist_id\\x22:false}] found within REQUEST_COOKIES:yith_wcwl_products: [{\\x22prod_id\\x22:\\x22341\\x22,\\x22quantity\\x22:1,\\x22wishlist_id\\x22:false}]”] [severity “CRITICAL”] [ver “OWASP_CRS/3.0.0”] [maturity “9”] [accuracy “8”] [tag “Host: https://www.shalevsoft.com”%5D [tag “application-multi”] [tag “language-mutli”] [tag “platform-multi”] [tag “attack-sqli”] [tag “OWASP_CRS/WEB_ATTACK/SQL_INJECTION”] [hostname “www.shalevsoft.com”] [uri “/”] [unique_id “VsBd68B0MQ0AAAPWgkgAAAAD”] [Sun Feb 14 12:58:51.615974 2016] [:error] [pid 1985] [client 31.154.158.133] ModSecurity: Access denied with redirection to https://www.shalevsoft.com/ using status 302 (phase 2). Pattern match “(?i:(?:,.*?[)\\\\da-f\\”‘][\\"'](?:[\\”‘].*?[\\"']|\\\\Z|[^\\”‘`]+))|(?:\\\\Wselect.+\\\\W*?from)|((?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\\\\s*?\\\\(\\\\s*?space\\\\s*?\\\\())” at REQUEST_COOKIES:yith_wcwl_products. [file “/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-42-APPLICATION-ATTACK-SQLI.conf”] [line “82”] [id “981257”] [rev “2”] [msg “Detects MySQL comment-/space-obfuscated injections and backtick termination”] [data “Matched Data: ,\\x22quantity\\x22:1,\\x22wishlist_id\\x22:false}] found within REQUEST_COOKIES:yith_wcwl_products: [{\\x22prod_id\\x22:\\x22341\\x22,\\x22quantity\\x22:1,\\x22wishlist_id\\x22:false}]”] [severity “CRITICAL”] [ver “OWASP_CRS/3.0.0”] [maturity “9”] [accuracy “8”] [tag “Host: https://www.shalevsoft.com”%5D [tag “application-multi”] [tag “language-mutli”] [tag “platform-multi”] [tag “attack-sqli”] [tag “OWASP_CRS/WEB_ATTACK/SQL_INJECTION”] [hostname “www.shalevsoft.com”] [uri “/”] [unique_id “VsBd68B0MQ0AAAfBfqkAAAAF”]

Hello,

I’ve moved the site to VPS and now it’s up and running again.
can you check it please?

Hi,

I tried the permalinks regeneration as you said,
but the problem persist.

see the site:
https://www.shalevsoft.com

thank you,

and another thing, no support to IE, i needed to copy all the inner style to the theme css.

Thanks Peter,

The Alternative worked just fine.

Hey that’s the site:
https://www.xn--9dbaak2de7a.net/

I bought the theme from Elegant at the last year.

Thanks

Peter,

The options you mentioned were there before, i didn’t changed them, they supposed to work, i deleted all my other plugins and still the same problem.

I guess your team didn’t check all the option.

Hi Peter,

I have the same issue as the others

No matter what I do with a post or page the Title I place in All in One SEO wont show, my theme always over rides this.

The new release 2.0 didn’t fix the problem, in fact the problem ocured after upgrade to the new release.

Thanks, Ilan