- This topic has 3 replies, 2 voices, and was last updated 5 years, 7 months ago by
.
-
Posts
-
Hello,
Sometimes when I save some changes in WP Affiliate Manager settings, WordPress and the Database crash.
The Wp Administrator page closes and I see this error: : “Forbidden
You do not have permission to access this document.
Web Server at website.it”Below is the error copied from the error_log file:
———————-
[Wed Sep 16 12:30:30.109769 2020] [:error] [pid 12836:tid 139885247678208] [client 93.xx.140.xxx:42240] [client 93.xx.140.xxx] ModSecurity: Access denied with code 403 (phase 2). Pattern match “^wpam-(?:manage-payouts|admin-functions|settings|creatives|newaffiliate)$” at MATCHED_VAR. [file “/etc/httpd/conf/modsecurity.d/rules/comodo_free/27_Apps_WPPlugin.conf”] [line “6240”] [id “234081”] [rev “2”] [msg “COMODO WAF: CSRF vulnerability in affiliates-manager plugin before 2.6.6 for WordPress (CVE-2019-15868)||website.it|F|2”] [severity “CRITICAL”] [tag “CWAF”] [tag “WPPlugin”] [hostname “xxxxx.it”] [uri “/wp-admin/admin.php”] [unique_id “X2HpRoeB7zXE8RBirDWwDAAAANA”], referer:https://website.it/wp-admin/admin.php?page=wpam-settings&action=messaging
———————–I tried to uninstall all plagins and activate them one at a time but I could not understand if there is any conflict.
Pease help me, thanks@lucios54, Are you using the latest version of the plugin (2.7.8)? If not please update the plugin, reset the log and see if it happens again.
@lucios54, This warning is coming from the apache mod_security on the server for version 2.6.6 (which is really old). Please contact your web host to see why this is happening.
- You must be logged in to reply to this topic.