WordPress.org

Ready to get started?Download WordPress

Forums

Simple Notices
Users getting blocked by ModSecurity (4 posts)

  1. RichmondJim
    Member
    Posted 1 year ago #

    Users are getting locked out of the server by ModSecurity for cPanel. Checking the log, I find error messages like:
    "Cross-site Scripting (XSS) Attack. Matched signature <.cookie>"] [severity "CRITICAL"] [hostname "**redacted**"] [uri "/wp-content/plugins/simple-notices/js/jquery.cookie.js"]
    Any chance you can update the plugin so that it does not generate files with the word "cookie" in the file name?

    http://wordpress.org/extend/plugins/simple-notices/

  2. The word "cookie" in the file name is causing the error message?

    jquery.cookie.js is a very common JS library used in hundreds of plugins / themes.

  3. RichmondJim
    Member
    Posted 1 year ago #

    Thanks for the speedy reply. It would appear that the block is caused by the word "cookie". After seeing about a dozen of these blocks over the last 24 hours, I Googled the error message and found that one user had rewritten the plug-in and associated files to use ".wookie" instead of .cookie and the problem resolved.

    Since you say that the jquery.cookie.js is a common library, I'll forward this first to our server engineer and see what he says. I'll post an update when I hear back from him.

    Thanks again!

  4. It seems really weird that the server would block it based on the file name, especially one so common as "cookie".

    Let me know what they say!

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic