Announcement

Collapse
No announcement yet.

Issues with Incapsula and vBulletin Connect

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Issues with Incapsula and vBulletin Connect

    Hi, we use Incapsula as a WAF and for DDoS protection. After upgrading from vBulletin 4 to Connect, I've been receiving a lot of reports (and have in fact experienced this issue myself) of an error being thrown by Incapsula when users are attempting to post or use various features of the site. After receiving another report from an end user, I dug into why the error was thrown and discovered this request made by the client:

    URL: /ajax/api/phrase/fetch (POST)
    Status: Blocked by security rules

    Code:
    phrases%5b%5d=admin&phrases%5b%5d=admin_auth&phrases%5b%5d=all_changes_made_will_be_lost_would_you_like_to_continue&phrases%5b%5d=april&phrases%5b%5d=attach_link&phrases%5b%5d=attach_video&phrases%5b%5d=august&phrases%5b%5d=cancel&phrases%5b%5d=cancel_edit&phrases%5b%5d=close&phrases%5b%5d=compare_versions&phrases%5b%5d=conversation&phrases%5b%5d=december&phrases%5b%5d=done&phrases%5b%5d=edit_conversation&phrases%5b%5d=email_addresses_must_match&phrases%5b%5d=error&phrases%5b%5d=error_loading_ckeditor_script&phrases%5b%5d=error_loading_editor&phrases%5b%5d=error_loading_post&phrases%5b%5d=error_posting_comment_code_x&phrases%5b%5d=error_saving_vote&phrases%5b%5d=error_x&phrases%5b%5d=existing_reply_will_be_deleted&phrases%5b%5d=february&phrases%5b%5d=flag_a_post&phrases%5b%5d=follow&phrases%5b%5d=follow_error&phrases%5b%5d=following&phrases%5b%5d=following_pending&phrases%5b%5d=following_remove&phrases%5b%5d=friday_min&phrases%5b%5d=go_to_first_new_post&phrases%5b%5d=hour&phrases%5b%5d=inlinemod_auth_login_failed&phrases%5b%5d=inlinemod_auth_login_first&phrases%5b%5d=inlinemod_auth_password_empty&phrases%5b%5d=invalid_data&phrases%5b%5d=invalid_data_requested&phrases%5b%5d=invalid_email_address&phrases%5b%5d=invalid_request&phrases%5b%5d=invalid_server_response_please_try_again&phrases%5b%5d=invalid_special_channel_subscribe_request&phrases%5b%5d=invalid_user_permissions&phrases%5b%5d=invalid_username_specified&phrases%5b%5d=invalid_username_specified_maxlength_x&phrases%5b%5d=invalid_username_specified_minlength_x&phrases%5b%5d=invalid_query_definition_x&phrases%5b%5d=january&phrases%5b%5d=join&phrases%5b%5d=joined&phrases%5b%5d=join_error&phrases%5b%5d=july&phrases%5b%5d=june&phrases%5b%5d=leave&phrases%5b%5d=loading&phrases%5b%5d=logged_out_while_editing_post&phrases%5b%5d=login&phrases%5b%5d=login_success_admin_auth&phrases%5b%5d=march&phrases%5b%5d=may&phrases%5b%5d=minute&phrases%5b%5d=moderator&phrases%5b%5d=monday_min&phrases%5b%5d=new_posts&phrases%5b%5d=no
    This post request was flagged by Incapsula as violating their security rules, specifically because it contained the word, "phrases." Unfortunately, I don't know enough about the API to determine if this was a valid request or if someone was attempting to do something malicious. If anyone else has experienced this with Incapsula, or can speak to the request this client made and whether or not it was valid I would greatly appreciate your input.

  • #2
    The request is valid. All text is loaded via phrases.

    You'll need to configure your server to accept phrases as a word in requests.
    Translations provided by Google.

    Wayne Luke
    The Rabid Badger - a vBulletin Cloud demonstration site.
    vBulletin 5 API

    Comment


    • #3
      Thanks very much, Wayne!

      Comment

      Related Topics

      Collapse

      Working...
      X