Title: Reverse Proxy securiy mod issue Last modified: October 17, 2017 --- # Reverse Proxy securiy mod issue * Resolved [alexemakovsk](https://wordpress.org/support/users/alexemakovsk/) * (@alexemakovsk) * [8 years, 7 months ago](https://wordpress.org/support/topic/reverse-proxy-securiy-mod-issue/) * Hello. Does anyone know what is going on? * I have a wordpress site, made with Elementor and Generate Press. Works great on my bluehost hosting. But my client has in house vpn reverse proxy hosting. He has an issue when he enables security mod, where he cant save page in elementor.( I contacted Elementor support they said contact wordpress and find out ” solution in getting mod security to work in such a way it doesn’t affect Elementor or other plugins.” * Here is what my client wrote: * > Ø I removed the below snippet as Elementor said “you’ll likely fall victim > to the same SQL Insertion hack” > SecFilterEngine > Off SecFilterScanPOST Off Ø Disable mod_security filter ONLY for > admin-ajax.php – I added this in .htaccess file but it didn’t work. Ø Remove > the “$” at the end of the related phrase in the filter rule – I enabled the > rule “SecRule HTTP_Content-Type “!(^$|^application/x-www-form-urlencoded$|^ > multipart/form-data)” and deleted the last $ – it worked for chrome and FF : > Elementor is opening in Chrome and FF. But in IE9 – it’s still not opening > and IE11 is throwing the below error in reverse proxy error log: Mon Oct 16 > 15:18:32.229228 2017] [:error] [pid 30931:tid 47390396381504] [client 133.164.69.53] > ModSecurity: Warning. Pattern match “\\\\b(\\\\d+) ?= ?\\\\1\\\\b|[\\\\’\\”](\\\\ > w+)[\\\\’\\”] ?= ?[\\\\’\\”]\\\\2\\\\b phase:2,capture,t:none,t:urlDecodeUni, > t:htmlEntityDecode,t:replaceComments,t:compressWhiteSpace,t:lowercase,ctl:auditLogParts > =+E,log,auditlog,msg:’SQL Injection'” at REQUEST_HEADERS:Cookie. [file “/u214/ > ReverseProxydev/Apache_2.4.27/conf/extra/httpd-security.conf”] [line “27”] [ > hostname “supportdev.fcpa.fujitsu.com”] [uri “/scanzentest/fcpawork/”] [unique_id“ > WeUwOIWkQAUAAHjTgEIAAADX”] We are still checking how to fix with IE. In the > meantime can you please contact Elementor to check on the 2nd rule I mentioned > previously? i.e., SecRule ARGS “@validateURLEncoding” – while trying to save > the work, we are still getting the same error ; it is not getting saved and > error log throwing the same error like before. Viewing 2 replies - 1 through 2 (of 2 total) * [John Torvik](https://wordpress.org/support/users/johntorvik/) * (@johntorvik) * [8 years, 7 months ago](https://wordpress.org/support/topic/reverse-proxy-securiy-mod-issue/#post-9595596) * Hello, * You need to contact your host provider to check this because this problem isn` t related to the Elementor and WordPress. * Sincerely, John T. * Thread Starter [alexemakovsk](https://wordpress.org/support/users/alexemakovsk/) * (@alexemakovsk) * [8 years, 7 months ago](https://wordpress.org/support/topic/reverse-proxy-securiy-mod-issue/#post-9596259) * Thank you! Viewing 2 replies - 1 through 2 (of 2 total) The topic ‘Reverse Proxy securiy mod issue’ is closed to new replies. * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 2 replies * 2 participants * Last reply from: [alexemakovsk](https://wordpress.org/support/users/alexemakovsk/) * Last activity: [8 years, 7 months ago](https://wordpress.org/support/topic/reverse-proxy-securiy-mod-issue/#post-9596259) * Status: resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics