Simple Notices
Users getting blocked by ModSecurity (4 posts)

  1. RichmondJim
    Member
    Posted 2 years ago #

    Users are getting locked out of the server by ModSecurity for cPanel. Checking the log, I find error messages like:
    "Cross-site Scripting (XSS) Attack. Matched signature <.cookie>"] [severity "CRITICAL"] [hostname "**redacted**"] [uri "/wp-content/plugins/simple-notices/js/jquery.cookie.js"]
    Any chance you can update the plugin so that it does not generate files with the word "cookie" in the file name?

    http://wordpress.org/extend/plugins/simple-notices/

  2. Pippin Williamson
    Pippin's Plugins and Plugin Reviewer
    Plugin Author

    Posted 2 years ago #

    The word "cookie" in the file name is causing the error message?

    jquery.cookie.js is a very common JS library used in hundreds of plugins / themes.

  3. RichmondJim
    Member
    Posted 2 years ago #

    Thanks for the speedy reply. It would appear that the block is caused by the word "cookie". After seeing about a dozen of these blocks over the last 24 hours, I Googled the error message and found that one user had rewritten the plug-in and associated files to use ".wookie" instead of .cookie and the problem resolved.

    Since you say that the jquery.cookie.js is a common library, I'll forward this first to our server engineer and see what he says. I'll post an update when I hear back from him.

    Thanks again!

  4. Pippin Williamson
    Pippin's Plugins and Plugin Reviewer
    Plugin Author

    Posted 2 years ago #

    It seems really weird that the server would block it based on the file name, especially one so common as "cookie".

    Let me know what they say!

Topic Closed

This topic has been closed to new replies.
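
A triage sketch for log lines like the one quoted in the first post, added here as an example and not code from the thread, the plugin, or ModSecurity. It groups blocks by URI and marks hits where the matched signature text sits inside the file name of a static asset; the `[msg` prefix, the hostname `example.test`, the `/search.php` line, the extension list and the heuristic itself are assumptions.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample lines in the shape of the message quoted in the thread.
# The [msg prefix, hostname and the /search.php entry are assumptions.
SAMPLE_LOG = '''\
[msg "Cross-site Scripting (XSS) Attack. Matched signature <.cookie>"] [severity "CRITICAL"] [hostname "example.test"] [uri "/wp-content/plugins/simple-notices/js/jquery.cookie.js"]
[msg "Cross-site Scripting (XSS) Attack. Matched signature <.cookie>"] [severity "CRITICAL"] [hostname "example.test"] [uri "/wp-content/plugins/simple-notices/js/jquery.cookie.js"]
[msg "Cross-site Scripting (XSS) Attack. Matched signature <.cookie>"] [severity "CRITICAL"] [hostname "example.test"] [uri "/search.php"]
'''

FIELD = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')   # [key "value"] pairs
SIGNATURE = re.compile(r'Matched signature <(.*?)>')   # text inside <...>
STATIC_EXT = ('.js', '.css', '.png', '.gif', '.jpg', '.svg', '.woff')

def parse_line(line):
    """Return the bracketed key/value fields of one log line as a dict."""
    return dict(FIELD.findall(line))

def triage(fields):
    """Heuristic (assumption): a signature that appears inside the file name
    of a static asset points to a rule matching on the request path."""
    sig = SIGNATURE.search(fields.get('msg', ''))
    path = urlsplit(fields.get('uri', '')).path
    name = path.rsplit('/', 1)[-1].lower()
    if sig and name.endswith(STATIC_EXT) and sig.group(1).lower() in name:
        return 'likely-false-positive'
    return 'needs-review'

def summarize(log_text):
    """Count hits per (uri, verdict) so repeated blocks stand out."""
    counts = Counter()
    for line in log_text.splitlines():
        fields = parse_line(line)
        if 'uri' in fields:
            counts[(fields['uri'], triage(fields))] += 1
    return counts

if __name__ == '__main__':
    for (uri, verdict), n in summarize(SAMPLE_LOG).most_common():
        print(f'{n:3d}  {verdict:22s} {uri}')
```

Entries marked `needs-review` still have to be checked against the full audit log, since the message alone does not say which part of the request the rule matched.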
