Support » Plugin: Simple Notices » Users getting blocked by ModSecurity

  • Users are getting locked out of the server by ModSecurity for cPanel. Checking the log, I find error messages like:
    “Cross-site Scripting (XSS) Attack. Matched signature <.cookie>”] [severity “CRITICAL”] [hostname “**redacted**”] [uri “/wp-content/plugins/simple-notices/js/jquery.cookie.js”]
    Any chance you can update the plugin so that it does not generate files with the word “cookie” in the file name?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Pippin Williamson


    The word “cookie” in the file name is causing the error message?

    jquery.cookie.js is a very common JS library used in hundreds of plugins / themes.

    Thanks for the speedy reply. It would appear that the block is caused by the word “cookie”. After seeing about a dozen of these blocks over the last 24 hours, I Googled the error message and found that one user had rewritten the plug-in and associated files to use “.wookie” instead of .cookie and the problem resolved.

    Since you say that the jquery.cookie.js is a common library, I’ll forward this first to our server engineer and see what he says. I’ll post an update when I hear back from him.

    Thanks again!

    Plugin Author Pippin Williamson


    It seems really weird that the server would block it based on the file name, especially one so common as “cookie”.

    Let me know what they say!

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Users getting blocked by ModSecurity’ is closed to new replies.