Announcement

Collapse
No announcement yet.

Mod_security block editing and autosave the post

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Mod_security block editing and autosave the post

    Hello,

    After upgrading the 5.5.3 the error occurred when editing post. (

    Error

    Error information: " 0 parsererror SyntaxError: Unexpected token س in JSON at position 24"
    I troubledshooted the issue in my server and I found the mod_security is blocking the editing Post and i found the following :

    2019-07-24 00:27:36 www.sandroses.com 151.254.17.222 CRITICAL 404 941100: XSS Attack Detected via libinjection
    Hide
    Request:
    POST /abbs/create-content/Text/
    Action Description:
    Warning.
    Justification:
    detected XSS using libinjection.
    2019-07-24 00:28:23 www.sandroses.com 151.254.17.222 CRITICAL 404 941160: NoScript XSS InjectionChecker: HTML Injection
    Hide
    Request:
    POST /abbs/ajax/api/editor/autosave
    Action Description:
    Warning.
    Justification:
    Pattern match "(?i)<[^\\w<>]*(?:[^<>"'\\s]*?[^\\w<>]*(?:\\W*?s\\W*?c\\W*?r\\W*?i\\W*?p\\W*?t|\\W*?f\\W*?o\\W*?r\\W*?m|\\W*?s\\W*?t\\W*?y\\W*?l \\W*?e|\\W*?s\\W*?v\\W*?g|\\W*?m\\W*?a\\W*?r\\W*?q\\W*?u\\W*?e\\W*?e|(?:\\W*?l\\W*?i\\W*?n \\W*?k|\\W*?o\\W*?b\\W*?j\\W*?e\ ..." at ARGSagetext.
    Could you please help me to solve the issue.

    Remark: I use PHP 7.3

    Thanks
    http://www.vbulletin.com/forum/filed...ledataid=63608

  • #2
    You will need to amend or disable the rule that is causing the issue.
    This is not a vBulletin issue, but a server issue, so your hosts are the best starting point for this.
    MARK.B | vBULLETIN SUPPORT

    TalkNewsUK - My vBulletin 5.5.6 Demo
    AdminAmmo - My Cloud Demo

    Comment


    • #3
      Originally posted by Mark.B View Post
      You will need to amend or disable the rule that is causing the issue.
      This is not a vBulletin issue, but a server issue, so your hosts are the best starting point for this.
      I believe if there is an issue with the script it trigger the security of the server to run and block the script. In the previous release the issue was not exist.

      http://www.vbulletin.com/forum/filed...ledataid=63608

      Comment


      • #4
        Originally posted by sandrose View Post

        I believe if there is an issue with the script it trigger the security of the server to run and block the script. In the previous release the issue was not exist.
        There is no issue with the script. My advice above stands.
        MARK.B | vBULLETIN SUPPORT

        TalkNewsUK - My vBulletin 5.5.6 Demo
        AdminAmmo - My Cloud Demo

        Comment


        • #5
          The most likely cause of this issue is that you do not redirect HTTP requests to HTTPS. The two are not interchangeable and as time goes on, we will continue locking down security across the application as needed. This is a still a server configuration issue and not one with vBulletin. vBulletin will expect everything to be accessed under HTTPS since that is how you have it configured.
          Translations provided by Google.

          Wayne Luke
          The Rabid Badger - a vBulletin Cloud demonstration site.
          vBulletin 5 API - Full / Mobile
          Vote for your favorite feature requests and the bugs you want to see fixed.

          Comment


          • #6
            Originally posted by Wayne Luke View Post
            The most likely cause of this issue is that you do not redirect HTTP requests to HTTPS. The two are not interchangeable and as time goes on, we will continue locking down security across the application as needed. This is a still a server configuration issue and not one with vBulletin. vBulletin will expect everything to be accessed under HTTPS since that is how you have it configured.
            Thank you for your response.

            I disabled redirect to https and the following error was occurred when I edit a post:

            خطأ

            معلومات الخطأ: " 0 aborted server abort"
            http://www.vbulletin.com/forum/filed...ledataid=63608

            Comment


            • #7
              I really have no idea what is causing that. Your hosting provider is the best source of support with SERVER ERRORS such as a Server Abort.

              I didn't say disable anything. I said there is no redirect to HTTPS and it should be put into place.

              If you go to your site with HTTP, it loads. It shouldn't. It should ALWAYS redirect to HTTPS.
              Translations provided by Google.

              Wayne Luke
              The Rabid Badger - a vBulletin Cloud demonstration site.
              vBulletin 5 API - Full / Mobile
              Vote for your favorite feature requests and the bugs you want to see fixed.

              Comment

              Related Topics

              Collapse

              Working...
              X