WordPress.org

Ready to get started?Download WordPress

Forums

coppermine and referrer filter (7 posts)

  1. katootje
    Member
    Posted 6 years ago #

    Hi,

    If have wordpress installed with the coppermine plugin. Now they have a filter installed on the server which filters referrers like http://www.mydomein.com/index.php?and then something with http://www.anotherdomein etc.

    Somewhere in the integration wordpress-coppermine is this kind of referrer but I can't find it. On one wordpressblog everything is running fine, on the other i got stuck in this filter. It's always when I log in or out, so I was looking in the wp-login. But because I only get stuck in this filter in wordpress in the combination with this coppermine plugin, it must be something there. I've been looking in the plugin files, the wp-login, deactivate the coppermine plugin, deleted all the pluginfiles from the server and putt them back again, i've the idea that i have to look for the solution in the database. I can't figger out where. There must be a referrer to an url with http:// which causes the trouble. Is this an known problem? The filter is to stop hacking. Anyone know where to look in the database?

    Thanks

  2. whooami
    Member
    Posted 6 years ago #

    Now they have a filter installed on the server which filters referrers like http://www.mydomein.com/index.php?and then something with http://www.anotherdomein etc.

    Umm, what server? Are you talking about where you are hosted?

    What you are describing is a normal ruleset associated with mod_security, used to prevent php include exploits.

    Anyone know where to look in the database?

    Your database has nothing to do with anything you've described.

  3. katootje
    Member
    Posted 6 years ago #

    Yeh, the server where my website is hosted. Maybe it is a normal ruleset, but it's causing problems now, when I want to log in or out, i get the message that it's blocked. I know the database is not causing the problem, but some setting considering the coppermine plugin. All my settings of the plugin stay when i delete the plugin. So they must be in the database i think. I think it has something to do with sharing users of logging in together in coppermine and wordpress at the same time. I have this combination on several websites, but on 2 I've changed things. They also gave an errorpage both, when I logged in in the adminsection of wordpress. There was a short time the coppermine page, with error written in it, and after that time the adminpage of wordpress. I thought I found that problem, but now I have this filterproblems

  4. whooami
    Member
    Posted 6 years ago #

    I can tell you how to disable mod_security, if in fact, its causing problems.

    I am NOT going to go back and forth with you about your database.

  5. katootje
    Member
    Posted 6 years ago #

    I thought that was something on the server. How can I disable that? I know my provider developped a filter whcich controls if somebody is hacking a script like Joomla, Mambo phpBB, WordPress etc. In the information is says "When the filter is activated block all querystrings with ""=http://" will be blocked by the servers. Further they advise us change f.e. the refererchecks manually in the source so it won't be needed to use the querystring.

    If this is a mod_security I don't know. I only asume that somewhere in the script there is a querystring with =http://
    I hope you understand what i mean. I'm not native english and i tried to translate the letter from the provider

  6. whooami
    Member
    Posted 6 years ago #

    put this at the top of your .htaccess:

    <IfModule mod_security.c>
    SecFilterEngine Off
    </IfModule>
  7. katootje
    Member
    Posted 6 years ago #

    If i don't have a .htaccess do i have to make one and is this all that i have to put in or do i need more text?

Topic Closed

This topic has been closed to new replies.

About this Topic