iThemes Security (formerly Better WP Security)
[resolved] Suspicious Query Strings Bug (2 posts)

  1. MikeNGarrett
    Posted 10 months ago #

    I'm running iThemes Security Version 4.2.2 and WordPress 3.9.1 with nginx.

    I noticed some issues with scripts loading on edit pages in the WP admin. It seems that some of the security features I've enabled through the plugin are incompatible with something on the edit page. The only thing out of the ordinary is Yoat SEO's metabox.

    The following was returning a 403 when editing a post:

    I disabled the following lines in my nginx config:
    # location ^wp-includes/(.*).php { deny all; }
    # location ^/wp-admin/includes(.*)$ { deny all; }
    # if ($args ~* "(globals|encode|localhost|loopback)") { set $susquery 1; }
    # if ($args ~* "(request|select(?!ed)|insert|concat|union|declare)") { set $susquery 1; }
    # if ($args ~* "(%0|%A|%B|%C|%D|%E|%F)") { return 403; }

    This seems to have fixed the issue, but I'm not entirely sure what it may have been as none of these args or locations was in the request.


  2. iThemes Support
    Posted 10 months ago #


    Try updating your rules (resave your settings) as those rules were modified in an update a few weeks ago to address the issue.


You must log in to post.

About this Plugin

About this Topic