Forum Replies Created

Viewing 5 replies - 1 through 5 (of 5 total)
  • Hi @longnguyen,

    What would you like to see ? I only have access to a basic error log. This is what I am seeing.

    [Sun Dec 22 19:49:11.422192 2019] [:error] [pid 1022383:tid 139919078643456] [client 59.120.34.106:49749] [client 59.120.34.106] ModSecurity: Access denied with code 403 (phase 2). detected XSS using libinjection. [file “/etc/apache2/conf.d/modsecurity.d/12_asl_adv_xss_rules.conf”] [line “49”] [id “341257”] [rev “1”] [msg “JS WAF Rules: Possible Cross Site Scripting attack (detectXSS) in URL/URI”] [data “/wp-tss/wp-content/plugins/onepress-plus/onepress-plus.css?ver=2.1.8”] [severity “CRITICAL”] [hostname “domain.co.nz”] [uri “/wp-tss/wp-content/plugins/onepress-plus/onepress-plus.css”] [unique_id “XgAPByX9woPdfhm1Oz4KHQAAABE”], referer: https://domain.co.nz/
    [Sun Dec 22 19:49:11.715010 2019] [:error] [pid 1022383:tid 139919045072640] [client 59.120.34.106:49749] [client 59.120.34.106] ModSecurity: Access denied with code 403 (phase 2). detected XSS using libinjection. [file “/etc/apache2/conf.d/modsecurity.d/12_asl_adv_xss_rules.conf”] [line “49”] [id “341257”] [rev “1”] [msg “JS WAF Rules: Possible Cross Site Scripting attack (detectXSS) in URL/URI”] [data “/wp-tss/wp-content/plugins/onepress-plus/assets/js/onepress-plus.js?ver=2.1.8”] [severity “CRITICAL”] [hostname “domain.co.nz”] [uri “/wp-tss/wp-content/plugins/onepress-plus/assets/js/onepress-plus.js”] [unique_id “XgAPByX9woPdfhm1Oz4KLgAAADk”], referer: https://domain.co.nz/

    martyyn

    (@martyyn)

    Thank you.

    In the end I used different images and text positioning based on breakpoints to get around it.

    Thanks for the reply.

    In the end I wrote my own piece of code using an empty <div> in the section content and css styles to ensure it’s responsive for all screens.

    Took a bit of trial and error but seems to work ok.

    Hi shrimp2t,

    Yep, I’ve done that with no change.

    But….I’ve just done it again and opened the site in Chrome’s incognito mode and it’s fine again !

    Thanks

    Yep me too. It’s not displaying on the login form and no-one can log in so I’ve had to disable it.

    I’ll try and set it up somewhere quiet, my main site has people logging in all the time.

Viewing 5 replies - 1 through 5 (of 5 total)