Support » Plugin: Events Manager » internal server error – event manager options

  • Resolved giblibjess

    (@giblibjess)


    I now get a 500 internal server error when trying to save settings in Event Manager Options. server error log gave me this:

    [Wed Apr 14 10:51:25.058175 2021] [:error] [pid 20578:tid 4033878955776] [client 172.58.155.153:34688] [client 172.58.155.153] ModSecurity: Rule 3ab4f706738 [id "932115"][file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-932-APPLICATION-ATTACK-RCE.conf"][line "295"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "www.giblib.org"] [uri "/wp-admin/edit.php"] [unique_id "YHcrnLO1ILnYyw6J-vuJXAAAACE"], referer: https://www.giblib.org/wp-admin/edit.php?post_type=event&page=events-manager-options
    [Wed Apr 14 10:51:25.176909 2021] [:error] [pid 20578:tid 4033878955776] [client 172.58.155.153:34688] [client 172.58.155.153] ModSecurity: Rule 3ab4f47c4e0 [id "932140"][file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-932-APPLICATION-ATTACK-RCE.conf"][line "413"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "www.giblib.org"] [uri "/wp-admin/edit.php"] [unique_id "YHcrnLO1ILnYyw6J-vuJXAAAACE"], referer: https://www.giblib.org/wp-admin/edit.php?post_type=event&page=events-manager-options
    [Wed Apr 14 10:51:25.187050 2021] [:error] [pid 20578:tid 4033878955776] [client 172.58.155.153:34688] [client 172.58.155.153] ModSecurity: Rule 3ab4f47c4e0 [id "932140"][file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-932-APPLICATION-ATTACK-RCE.conf"][line "413"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "www.giblib.org"] [uri "/wp-admin/edit.php"] [unique_id "YHcrnLO1ILnYyw6J-vuJXAAAACE"], referer: https://www.giblib.org/wp-admin/edit.php?post_type=event&page=events-manager-options
    [Wed Apr 14 10:51:25.187305 2021] [:error] [pid 20578:tid 4033878955776] [client 172.58.155.153:34688] [client 172.58.155.153] ModSecurity: Rule 3ab4f47c4e0 [id "932140"][file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-932-APPLICATION-ATTACK-RCE.conf"][line "413"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "www.giblib.org"] [uri "/wp-admin/edit.php"] [unique_id "YHcrnLO1ILnYyw6J-vuJXAAAACE"], referer: https://www.giblib.org/wp-admin/edit.php?post_type=event&page=events-manager-options
    [Wed Apr 14 10:51:26.745120 2021] [:error] [pid 20578:tid 4033878955776] [client 172.58.155.153:34688] [client 172.58.155.153] ModSecurity: Access denied with code 418 (phase 2). Operator GE matched 7 at TX:anomaly_score. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "150"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 15)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.giblib.org"] [uri "/wp-admin/edit.php"] [unique_id "YHcrnLO1ILnYyw6J-vuJXAAAACE"], referer: https://www.giblib.org/wp-admin/edit.php?post_type=event&page=events-manager-options
    [Wed Apr 14 10:51:26.747396 2021] [:error] [pid 20578:tid 4032395454208] [client 172.58.155.153:34688] [client 172.58.155.153] ModSecurity: Warning. Operator GE matched 7 at TX:inbound_anomaly_score. [file "/dh/apache2/template/etc/mod_sec3_CRS/RESPONSE-980-CORRELATION.conf"] [line "87"] [id "980130"] [msg "Inbound Anomaly Score Exceeded (Total Inbound Score: 15 - SQLI=0,XSS=0,RFI=0,LFI=0,RCE=15,PHPI=0,HTTP=0,SESS=0): individual paranoia level scores: 15, 0, 0, 0"] [ver "OWASP_CRS/3.3.0"] [tag "event-correlation"] [hostname "www.giblib.org"] [uri "/wp-admin/edit.php"] [unique_id "YHcrnLO1ILnYyw6J-vuJXAAAACE"], referer: https://www.giblib.org/wp-admin/edit.php?post_type=event&page=events-manager-options
    [Wed Apr 14 10:52:13.254138 2021] [:error] [pid 20578:tid 4033778243328] [client 98.27.8.237:51781] [client 98.27.8.237] ModSecurity: Warning. Matched phrase "/wp-admin/edit.php" at REQUEST_HEADERS:Referer. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-00-LOCAL-WHITELIST.conf"] [line "50"] [id "1015"] [hostname "www.giblib.org"] [uri "/wp-admin/admin-ajax.php"] [unique_id "YHcrzbO1ILnYyw6J-vuJZwAAAA8"], referer: https://www.giblib.org/wp-admin/edit.php?post_type=event&page=events-manager-options

    Any help?

    • This topic was modified 3 months, 1 week ago by giblibjess.
Viewing 1 replies (of 1 total)
  • Plugin Author Marcus

    (@netweblogic)

    You probably need to contact your hosts about this, it sounds like their firewall is blocking our settings page from being submitted.

    Whilst it’s likely just an overly paranoid firewall, if they have feedback as to why that is being blocked from a security standpoint, I’d ask that you get in touch via http://wp-events-plugin.com/contact-us/

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.