gleanweb's Replies | WordPress.org

Forum Replies Created

Viewing 3 replies - 1 through 3 (of 3 total)

Forum: Plugins
In reply to: [Wordfence Security - Firewall, Malware Scan, and Login Security] 403 forbidden

Thread Starter gleanweb
(@gleanweb)

7 years, 3 months ago

Thanks, Dave. I added the script to the whitelist. The first time I then ran the script it again balked, but gave me the option on the 403 Forbidden page to whitelist it. I checked that box and it all seems to work now.

Forum: Plugins
In reply to: [Wordfence Security - Firewall, Malware Scan, and Login Security] 403 forbidden

Thread Starter gleanweb
(@gleanweb)

7 years, 3 months ago

I have systematically gone through the POSTed inputs and found that what triggers the Wordfence block in the $_POST array is:

[sqlquery] => select farm, contact1, phone1, address, city, state, zip from sites

Is this because of the name of the variable?
Or does Wordfence recognize the string as an sql query and block it for that reason?
Or something else?

The whole point of the page is to write and save customized sql queries. The POSTed input is rigorously sanitized on the server and the page is password-protected.

Forum: Plugins
In reply to: [Wordfence Security - Firewall, Malware Scan, and Login Security] 403 forbidden

Thread Starter gleanweb
(@gleanweb)

7 years, 3 months ago

Hi Dave,
Thanks for the note. The $_POST array looks like this:
Array
(
[title] => All sites +Site stats+
[sqlquery] => select farm, contact1, phone1, address, city, state, zip from sites order by farm
[list] => Show this report
[terms] =>
[querynum] => 3
)

@gleanweb

Viewing 3 replies - 1 through 3 (of 3 total)