Notice: This thread is over two years old; the information may be outdated. Please consider creating a new thread if you require free support. If you have an active SiteOrigin Premium license, you can email our premium support desk at [email protected].
Hello,
I experienced a problem on one of the customer’s site recently. I tried to add a new post with Page Builder and two widgets: Editor + Button.
Button was supposed to link to pdf file, but when I try do publish the new post I get the error 403.
[Thu Jun 06 13:54:46.155480 2019] [:error] [pid 28:tid 140204199356160] [client 194.181.252.78:52529] [client 194.181.252.78] ModSecurity: Access denied with code 403 (phase 2). Pattern match "http://[a-zA-Z0-9._]{1,}?/.{0,}?\\.pdf\\b[^\\n\\r]{0,}#" at ARGS:panels_data. [file "/usr/share/waf/09_Global_Other.conf"] [line "21"] [id "211050"] [rev "1"] [msg "COMODO WAF: Universal PDF XSS URL Detected.||||2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.mydomain"] [uri "/wp-admin/admin-ajax.php"] [unique_id "XPj-Bqv34OrCqnvJli15GwAAAAU"], referer: http://mydomain/wp-admin/post-new.phpIt seems that server recognizes button as a potential threat, but when I create normal url leading to pdf everything works just fine.
I saw couple of threads refering to 403 error issue, but none of them seemed similar to mine.
Hi, thanks for posting.
Unfortunately, there isn’t anything we’re able to do from our end. Please, reach out to hosting support and ask them if they can check ModSecurity logs and perhaps resolve this false positive issue.