WP eStore – My IP gets blocked
Tagged: apache module, cross site scripting, ip blocked, javascript library, jquery, mod security, web attack, xss attack
- This topic has 4 replies, 3 voices, and was last updated 13 years, 9 months ago by amin007.
January 28, 2011 at 5:42 pm #2592 affiliatepro Member
I’m using the latest version of WP eStore and I have a serious problem. I’m building a site that is hosted with GVO hosting, and my IP has been blocked numerous times in the last few days.
I got in touch with support at GVO and they told me that the cart is doing something weird and it’s causing my IP to be blocked.
Below is the report from GVO support on the error.
[Fri Jan 28 11:03:49 2011] [error] [client 71.199.4.124] ModSecurity: Access denied with code 406 (phase 2). Pattern match “(?b(??:type\b\W*?\b(?:text\b\W*?\b(?:j(?:ava)?|ecma|vb)|application\b\W*?\bx-(?:java|vb))script|c(?:opyparentfolder|reatetextrange)|get(?:special|parent)folder|iframe\b.{0,100}?\bsrc)\b|on(??:mo(?:use(?:o(?:ver|ut)|down|move|up)|ve)|key(?:press|d …” at REQUEST_FILENAME. [file “/usr/local/apache/conf/modsec2.user.conf”] [line “117”] [id “950004”] [msg “Cross-site Scripting (XSS) Attack”] [data “.cookie”] [severity “CRITICAL”] [tag “WEB_ATTACK/XSS”] [hostname “antiques-furniture-collectables.info”] [uri “/wp-content/plugins/wp-cart-for-digital-products/lib/jquery.cookie.js”] [unique_id “TUL29QzMpLIAAEvpxvoAAAAW”]
It looks to me like this is the file creating the problem ….
wp-content/plugins/wp-cart-for-digital-products/lib/jquery.cookie.js
Would you mind explaining why this is happening and what exactly this file is doing to create a “WEB_ATTACK/XSS” ….
January 28, 2011 at 9:07 pm #28475 wzp Moderator
January 29, 2011 at 5:14 am #28476 amin007 Participant
This problem is caused by an Apache module (mod_security), which possibly makes a conflict with a JavaScript library (jquery.cookie.js), included by eStore. Some hosting companies seem to have slightly inappropriate configuration for the Apache mod_security.
January 30, 2011 at 9:23 pm #28477 affiliatepro Member
As of 27th of January I’m using the latest build of WP eStore.
I tried looking for the workaround located here
Could not find the exact line of code below in the latest build, as per the workaround link above
wp_enqueue_script('jquery.cookie', WP_ESTORE_LIB_URL.'/jquery.cookie.js');
My question: In the latest build did this code change and is there another line of code I need to delete?
Also, is there a setting in the hosting where I can go in and edit the Apache mod_security, and if so what could I modify it to?
Thanks,
January 31, 2011 at 5:23 am #28478 amin007 Participant
You don’t need to do anything if you are using a recent version of the plugin so you won’t find that line anymore.
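Added example, not part of the original thread or of the plugin's code: a small triage script that parses a ModSecurity error-log entry like the one reported above, checks whether the rule fired only because the matched text (".cookie") is part of a static file's path, and prints an exclusion limited to that rule id and that path. It assumes ModSecurity 2.x on Apache and permission to edit its configuration; the sample line is adapted from the report with the pattern elided and a constructed client IP and hostname, and the function names are hypothetical.

```python
import re

# Sample entry adapted from the report in the thread: straight quotes, pattern
# elided, client and hostname replaced with constructed documentation values.
SAMPLE = (
    '[Fri Jan 28 11:03:49 2011] [error] [client 203.0.113.7] ModSecurity: '
    'Access denied with code 406 (phase 2). Pattern match "..." at '
    'REQUEST_FILENAME. [file "/usr/local/apache/conf/modsec2.user.conf"] '
    '[line "117"] [id "950004"] [msg "Cross-site Scripting (XSS) Attack"] '
    '[data ".cookie"] [severity "CRITICAL"] [tag "WEB_ATTACK/XSS"] '
    '[hostname "shop.example.com"] [uri "/wp-content/plugins/'
    'wp-cart-for-digital-products/lib/jquery.cookie.js"]'
)

FIELD = re.compile(r'\[(\w+) "([^"]*)"\]')             # [key "value"] pairs
TARGET = re.compile(r'\bat ([A-Z_]+(?::[\w.-]+)?)\. \[')  # variable that matched
STATIC = ('.js', '.css', '.png', '.gif', '.jpg')


def parse_entry(line):
    """Return the bracketed key/value fields plus the variable that matched."""
    fields = dict(FIELD.findall(line))
    m = TARGET.search(line)
    fields['target'] = m.group(1) if m else None
    return fields


def is_filename_false_positive(e):
    """True when the rule fired on the path of a static asset and the matched
    text is simply part of that path (here '.cookie' in 'jquery.cookie.js')."""
    uri = e.get('uri', '')
    data = e.get('data', '')
    return (e.get('target') == 'REQUEST_FILENAME'
            and uri.lower().endswith(STATIC)
            and bool(data) and data in uri)


def scoped_exclusion(e):
    """Suggest disabling only this rule id, and only for this exact path."""
    return ('<LocationMatch "^%s$">\n    SecRuleRemoveById %s\n</LocationMatch>'
            % (re.escape(e['uri']), e['id']))


if __name__ == '__main__':
    entry = parse_entry(SAMPLE)
    if is_filename_false_positive(entry):
        print(scoped_exclusion(entry))
```

Entries where the rule matched a request argument or header instead of the file path are not flagged and should be reviewed as possible real attacks.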