Settings Save Error

  • Resolved Turk

    (@turk)


    1 year, 5 months ago

    Love this plugin. But anytime I try to save changes in the settings page I get an 500 Internal Server Error.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter Turk

    (@turk)

    1 year, 5 months ago

    Here is what is in my error.log on the server:

    https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.944635 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Hhome_template]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Hhome_template]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><a property=\\x22item\\x22 typeof=\\x22webpage\\x22 title=\\x22go to %title%.\\x22 href=\\x22%link%\\x22 class=\\x22%type%\\x22 bcn-aria-current><span property=\\x22name\\x22>%htitle%</span></a><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.944812 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Hhome_template_no_anchor]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Hhome_template_no_anchor]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><span property=\\x22name\\x22 class=\\x22%type%\\x22>%htitle%</span><meta property=\\x22url\\x22 content=\\x22%link%\\x22><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.944956 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Hmainsite_template]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Hmainsite_template]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><a property=\\x22item\\x22 typeof=\\x22webpage\\x22 title=\\x22go to %title%.\\x22 href=\\x22%link%\\x22 class=\\x22%type%\\x22 bcn-aria-current><span property=\\x22name\\x22>%htitle%</span></a><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.945105 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Hmainsite_template]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Hmainsite_template]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><a property=\\x22item\\x22 typeof=\\x22webpage\\x22 title=\\x22go to %title%.\\x22 href=\\x22%link%\\x22 class=\\x22%type%\\x22 bcn-aria-current><span property=\\x22name\\x22>%htitle%</span></a><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.945236 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Hmainsite_template_no_anchor]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Hmainsite_template_no_anchor]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><span property=\\x22name\\x22 class=\\x22%type%\\x22>%htitle%</span><meta property=\\x22url\\x22 content=\\x22%link%\\x22><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.945355 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Hmainsite_template_no_anchor]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Hmainsite_template_no_anchor]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><span property=\\x22name\\x22 class=\\x22%type%\\x22>%htitle%</span><meta property=\\x22url\\x22 content=\\x22%link%\\x22><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.945491 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Hpost_post_template]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Hpost_post_template]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><a property=\\x22item\\x22 typeof=\\x22webpage\\x22 title=\\x22go to %title%.\\x22 href=\\x22%link%\\x22 class=\\x22%type%\\x22 bcn-aria-current><span property=\\x22name\\x22>%htitle%</span></a><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.945614 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Hpost_post_template_no_anchor]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Hpost_post_template_no_anchor]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><span property=\\x22name\\x22 class=\\x22%type%\\x22>%htitle%</span><meta property=\\x22url\\x22 content=\\x22%link%\\x22><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.945756 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Hpost_page_template]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Hpost_page_template]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><a property=\\x22item\\x22 typeof=\\x22webpage\\x22 title=\\x22go to %title%.\\x22 href=\\x22%link%\\x22 class=\\x22%type%\\x22 bcn-aria-current><span property=\\x22name\\x22>%htitle%</span></a><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.945866 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Hpost_page_template_no_anchor]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Hpost_page_template_no_anchor]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><span property=\\x22name\\x22 class=\\x22%type%\\x22>%htitle%</span><meta property=\\x22url\\x22 content=\\x22%link%\\x22><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.946032 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Hpost_attachment_template]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Hpost_attachment_template]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><a property=\\x22item\\x22 typeof=\\x22webpage\\x22 title=\\x22go to %title%.\\x22 href=\\x22%link%\\x22 class=\\x22%type%\\x22 bcn-aria-current><span property=\\x22name\\x22>%htitle%</span></a><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.946163 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Hpost_attachment_template_no_anchor]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Hpost_attachment_template_no_anchor]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><span property=\\x22name\\x22 class=\\x22%type%\\x22>%htitle%</span><meta property=\\x22url\\x22 content=\\x22%link%\\x22><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.946352 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Htax_category_template]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Htax_category_template]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><a property=\\x22item\\x22 typeof=\\x22webpage\\x22 title=\\x22go to the %title% category archives.\\x22 href=\\x22%link%\\x22 class=\\x22%type%\\x22 bcn-aria-current><span property=\\x22name\\x22>%htitle%</span></a><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.946500 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Htax_category_template_no_anchor]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Htax_category_template_no_anchor]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><span property=\\x22name\\x22 class=\\x22%type%\\x22>%htitle%</span><meta property=\\x22url\\x22 content=\\x22%link%\\x22><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.946625 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Htax_post_tag_template]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Htax_post_tag_template]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><a property=\\x22item\\x22 typeof=\\x22webpage\\x22 title=\\x22go to the %title% tag archives.\\x22 href=\\x22%link%\\x22 class=\\x22%type%\\x22 bcn-aria-current><span property=\\x22name\\x22>%htitle%</span></a><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.946743 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Htax_post_tag_template_no_anchor]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Htax_post_tag_template_no_anchor]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><span property=\\x22name\\x22 class=\\x22%type%\\x22>%htitle%</span><meta property=\\x22url\\x22 content=\\x22%link%\\x22><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.946870 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Htax_post_format_template]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Htax_post_format_template]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><a property=\\x22item\\x22 typeof=\\x22webpage\\x22 title=\\x22go to the %title% format archives.\\x22 href=\\x22%link%\\x22 class=\\x22%type%\\x22 bcn-aria-current><span property=\\x22name\\x22>%htitle%</span></a><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.947007 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Htax_post_format_template_no_anchor]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Htax_post_format_template_no_anchor]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><span property=\\x22name\\x22 class=\\x22%type%\\x22>%htitle%</span><meta property=\\x22url\\x22 content=\\x22%link%\\x22><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.947127 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Hauthor_template]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Hauthor_template]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><span property=\\x22name\\x22>articles by: <a title=\\x22go to the first page of posts by %title%.\\x22 href=\\x22%link%\\x22 class=\\x22%type%\\x22 bcn-aria-current>%htitle%</a></span><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.947288 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Hdate_template]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Hdate_template]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><a property=\\x22item\\x22 typeof=\\x22webpage\\x22 title=\\x22go to the %title% archives.\\x22 href=\\x22%link%\\x22 class=\\x22%type%\\x22 bcn-aria-current><span property=\\x22name\\x22>%htitle%</span></a><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.947415 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Hdate_template_no_anchor]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Hdate_template_no_anchor]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><span property=\\x22name\\x22 class=\\x22%type%\\x22>%htitle%</span><meta property=\\x22url\\x22 content=\\x22%link%\\x22><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.947544 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[Hsearch_template]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[Hsearch_template]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><span property=\\x22name\\x22>search results for '<a property=\\x22item\\x22 typeof=\\x22webpage\\x22 title=\\x22go to the first page of search results for %title%.\\x22 href=\\x22%link%\\x22 class=\\x22%type%\\x22 bcn-aria-current>%htitle%</a>'</span><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.947695 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Pattern match "(?:\\\\bhttp/\\\\d|<(?:html|meta)\\\\b)" at ARGS:bcn_options[H404_template]. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "107"] [id "921130"] [msg "HTTP Response Splitting Attack"] [data "Matched Data: <meta found within ARGS:bcn_options[H404_template]: <span property=\\x22itemlistelement\\x22 typeof=\\x22listitem\\x22><a property=\\x22item\\x22 typeof=\\x22webpage\\x22 title=\\x22go to %title%.\\x22 href=\\x22%link%\\x22 class=\\x22%type%\\x22 bcn-aria-current><span property=\\x22name\\x22>%htitle%</span></a><meta property=\\x22position\\x22 content=\\x22%position%\\x22></span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272/220/34"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.974704 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. detected SQLi using libinjection with fingerprint 'sos' [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "65"] [id "942100"] [msg "SQL Injection Attack Detected via libinjection"] [data "Matched Data: sos found within ARGS:bcn_options[Hauthor_template_no_anchor]: <span class=\\x22%type%\\x22>Articles by: %htitle%</span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:17.974965 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. detected SQLi using libinjection with fingerprint 'sos' [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "65"] [id "942100"] [msg "SQL Injection Attack Detected via libinjection"] [data "Matched Data: sos found within ARGS:bcn_options[Hsearch_template_no_anchor]: <span class=\\x22%type%\\x22>Search results for '%htitle%'</span>"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:18.007927 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Access denied with code 418 (phase 2). Operator GE matched 7 at TX:anomaly_score. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 125)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO0WPizMJxZAcZ6Su33gAAABM"], referer: https://www.hotelblues.com/wp-admin/options-general.php?page=breadcrumb-navxt
[Wed Nov 09 03:28:19.719306 2022] [:error] [pid 293545:tid 3886956115712] [client 68.187.77.160:56437] [client 68.187.77.160] ModSecurity: Warning. Matched phrase "/options-general.php" at REQUEST_HEADERS:Referer. [file "/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-00-LOCAL-WHITELIST.conf"] [line "27"] [id "1011"] [hostname "www.hotelblues.com"] [uri "/wp-admin/options-general.php"] [unique_id "Y2uO02PizMJxZAcZ6Su33wAAABU"], referer: https://www.hotelblues.com/wp-admin/options-general.php
    Plugin Author John Havlik

    (@mtekk)

    1 year, 5 months ago

    Looks like you have some ModSecurity rules that are tripping on a meta tag in the settings (in the breadcrumb templates). You’ll need to revisit your ModSecurity rules and update them to not trigger in this circumstance (logged in user in the WordPress admin area).

    Thread Starter Turk

    (@turk)

    1 year, 5 months ago

    Awesome that fixed it. Thank you!

    • This reply was modified 1 year, 5 months ago by Turk.
Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Settings Save Error’ is closed to new replies.