Support » Plugin: WP Store Locator » Cant change any settings

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Author Tijmen Smit

    (@tijmensmit)

    Could you ask your host if mod_security is active on the server? http://www.modsecurity.org/ I had one user in the past who had the same problem as you, and in that case mod_security was the reason it failed.

    I haven’t had time to implement a fix for it, but if it’s active on your host then I will make a custom version so you can test it out. So let me know what they say. Or check the apache log file yourself and search for ‘
    modsec_rules’

    Thread Starter simoncav

    (@simoncav)

    Hi Tijmen,
    Thanks for the prompt response on this. Yes it does appear that my host uses mod-security as I can see its presence on the log files, although I’m awaiting formal confirmation from their support team.

    Thanks and best regards,

    Simon

    Plugin Author Tijmen Smit

    (@tijmensmit)

    Can you send the part of the log file where it mentions modsec_rules to info at tijmensmit.com?

    Thread Starter simoncav

    (@simoncav)

    Hi Tijmen,

    Is this what you want?

    [Wed Apr 23 08:06:50 2014] [error] [client 200.46.73.42] Invalid URI in request GET HTTP/1.1 HTTP/1.1
    [Wed Apr 23 08:06:50 2014] [error] [client 200.46.73.42] ModSecurity: [file “/etc/httpd/modsecurity.d/50_asl_rootkits.conf”] [line “58”] [id “390145”] [rev “11”] [msg “Atomicorp.com WAF Rules: Rootkit attack: Generic Attempt to install shell”] [severity “CRITICAL”] Access denied with code 403 (phase 2). Match of “rx (?:/event\\\\.ng/|horde/services/go\\\\.php|tiki-view_cache\\\\.php|^/\\\\?out=http://|homecounter\\\\.php\\\\?offerid=.*ureferrer=http|__utm\\\\.gif\\\\?|/plugins/wpeditimage/editimage\\\\.html|/spc\\\\.php)” against “REQUEST_URI” required. [hostname “showmethehoney.org”] [uri “/”] [unique_id “YGoYYG1LoQUAAHvv96IAAAAS”]
    [Wed Apr 23 08:07:55 2014] [error] [client 157.55.36.35] File does not exist: /var/www/vhosts/beegood.co.uk/showme/robots.txt
    [Wed Apr 23 08:15:13 2014] [error] [client 157.56.93.72] File does not exist: /var/www/vhosts/beegood.co.uk/showme/robots.txt

    Plugin Author Tijmen Smit

    (@tijmensmit)

    Can you search in the logfile for ‘wpsl_search[radius]’ and see if that returns any hits? If so, then the log data around it is what I would like to see 🙂

    Thread Starter simoncav

    (@simoncav)

    Tue Apr 22 22:49:32 2014] [warn] [client 86.173.244.157] mod_fcgid: stderr: PHP Warning: Creating default object from empty value in /var/www/vhosts/beegood.co.uk/showme/wp-content/plugins/Anticipate/anticipate-maintenance-plugin.php on line 119, referer: http://www.showmethehoney.org/wp-admin/plugins.php?action=delete-selected&checked%5B0%5D=cookie-notice%2Fcookie-notice.php&plugin_status=all&paged=1&s&_wpnonce=71445d73c9
    [Tue Apr 22 23:11:10 2014] [error] [client 86.173.244.157] ModSecurity: [file “/etc/httpd/modsecurity.d/11_asl_adv_rules.conf”] [line “79”] [id “341245”] [rev “19”] [msg “Atomicorp.com WAF Rules: Possible SQL injection attack (detectSQLi)”] [data “1,(1),ARGS:wpsl_search[radius]”] [severity “CRITICAL”] Access denied with code 403 (phase 2). detected SQLi using libinjection with fingerprint ‘1,(1)’ [hostname “www.showmethehoney.org”] [uri “/wp-admin/options.php”] [unique_id “5LAJvG1LoQUAAFCF6NsAAAAg”]
    [Tue Apr 22 23:12:43 2014] [error] [client 86.173.244.157] ModSecurity: [file “/etc/httpd/modsecurity.d/11_asl_adv_rules.conf”] [line “79”] [id “341245”] [rev “19”] [msg “Atomicorp.com WAF Rules: Possible SQL injection attack (detectSQLi)”] [data “1,(1),ARGS:wpsl_search[radius]”] [severity “CRITICAL”] Access denied with code 403 (phase 2). detected SQLi using libinjection with fingerprint ‘1,(1)’ [hostname “www.showmethehoney.org”] [uri “/wp-admin/options.php”] [unique_id “6j9Ox21LoQUAAFdNe4UAAAAR”]
    [Tue Apr 22 23:27:29 2014] [error] [client 86.173.244.157] ModSecurity: [file “/etc/httpd/modsecurity.d/11_asl_adv_rules.conf”] [line “79”] [id “341245”] [rev “19”] [msg “Atomicorp.com WAF Rules: Possible SQL injection attack (detectSQLi)”] [data “1,(1),ARGS:wpsl_search[radius]”] [severity “CRITICAL”] Access denied with code 403 (phase 2). detected SQLi using libinjection with fingerprint ‘1,(1)’ [hostname “www.showmethehoney.org”] [uri “/wp-admin/options.php”] [unique_id “Hwq@121LoQUAAHhp3R8AAABD”]
    [Wed Apr 23 00:27:50 2014] [error] [client 86.173.244.157] ModSecurity: [file “/etc/httpd/modsecurity.d/11_asl_adv_rules.conf”] [line “79”] [id “341245”] [rev “19”] [msg “Atomicorp.com WAF Rules: Possible SQL injection attack (detectSQLi)”] [data “1,(1),ARGS:wpsl_search[radius]”] [severity “CRITICAL”] Access denied with code 403 (phase 2). detected SQLi using libinjection with fingerprint ‘1,(1)’ [hostname “www.showmethehoney.org”] [uri “/wp-admin/options.php”] [unique_id “9uJY721LoQUAAHe-8I4AAAAE”]

    Plugin Author Tijmen Smit

    (@tijmensmit)

    Thanks, that’s what I was looking for. Could you send me an email at info at tijmensmit.com? Then I can send you a fix once I have made one and you can test if it fixed the issue.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Cant change any settings’ is closed to new replies.