Announcement

Collapse
No announcement yet.

Issues with Incapsula and vBulletin Connect

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts
    ilfllc
    New Member

  • ilfllc
    replied
    Thanks very much, Wayne!

    Leave a comment:

  • Wayne Luke
    vBulletin Technical Support Lead

  • Wayne Luke
    replied
    The request is valid. All text is loaded via phrases.

    You'll need to configure your server to accept phrases as a word in requests.

    Leave a comment:

  • ilfllc
    New Member

  • ilfllc
    started a topic Issues with Incapsula and vBulletin Connect

    Issues with Incapsula and vBulletin Connect

    Hi, we use Incapsula as a WAF and for DDoS protection. After upgrading from vBulletin 4 to Connect, I've been receiving a lot of reports (and have in fact experienced this issue myself) of an error being thrown by Incapsula when users are attempting to post or use various features of the site. After receiving another report from an end user, I dug into why the error was thrown and discovered this request made by the client:

    URL: /ajax/api/phrase/fetch (POST)
    Status: Blocked by security rules

    Code:
    phrases%5b%5d=admin&phrases%5b%5d=admin_auth&phrases%5b%5d=all_changes_made_will_be_lost_would_you_like_to_continue&phrases%5b%5d=april&phrases%5b%5d=attach_link&phrases%5b%5d=attach_video&phrases%5b%5d=august&phrases%5b%5d=cancel&phrases%5b%5d=cancel_edit&phrases%5b%5d=close&phrases%5b%5d=compare_versions&phrases%5b%5d=conversation&phrases%5b%5d=december&phrases%5b%5d=done&phrases%5b%5d=edit_conversation&phrases%5b%5d=email_addresses_must_match&phrases%5b%5d=error&phrases%5b%5d=error_loading_ckeditor_script&phrases%5b%5d=error_loading_editor&phrases%5b%5d=error_loading_post&phrases%5b%5d=error_posting_comment_code_x&phrases%5b%5d=error_saving_vote&phrases%5b%5d=error_x&phrases%5b%5d=existing_reply_will_be_deleted&phrases%5b%5d=february&phrases%5b%5d=flag_a_post&phrases%5b%5d=follow&phrases%5b%5d=follow_error&phrases%5b%5d=following&phrases%5b%5d=following_pending&phrases%5b%5d=following_remove&phrases%5b%5d=friday_min&phrases%5b%5d=go_to_first_new_post&phrases%5b%5d=hour&phrases%5b%5d=inlinemod_auth_login_failed&phrases%5b%5d=inlinemod_auth_login_first&phrases%5b%5d=inlinemod_auth_password_empty&phrases%5b%5d=invalid_data&phrases%5b%5d=invalid_data_requested&phrases%5b%5d=invalid_email_address&phrases%5b%5d=invalid_request&phrases%5b%5d=invalid_server_response_please_try_again&phrases%5b%5d=invalid_special_channel_subscribe_request&phrases%5b%5d=invalid_user_permissions&phrases%5b%5d=invalid_username_specified&phrases%5b%5d=invalid_username_specified_maxlength_x&phrases%5b%5d=invalid_username_specified_minlength_x&phrases%5b%5d=invalid_query_definition_x&phrases%5b%5d=january&phrases%5b%5d=join&phrases%5b%5d=joined&phrases%5b%5d=join_error&phrases%5b%5d=july&phrases%5b%5d=june&phrases%5b%5d=leave&phrases%5b%5d=loading&phrases%5b%5d=logged_out_while_editing_post&phrases%5b%5d=login&phrases%5b%5d=login_success_admin_auth&phrases%5b%5d=march&phrases%5b%5d=may&phrases%5b%5d=minute&phrases%5b%5d=moderator&phrases%5b%5d=monday_min&phrases%5b%5d=new_posts&phrases%5b%5d=no
    This post request was flagged by Incapsula as violating their security rules, specifically because it contained the word, "phrases." Unfortunately, I don't know enough about the API to determine if this was a valid request or if someone was attempting to do something malicious. If anyone else has experienced this with Incapsula, or can speak to the request this client made and whether or not it was valid I would greatly appreciate your input.

Related Topics

Collapse

Working...
X