Replies: 0
I’m configuring my new wordpress site and have now been twice blocked by my site’s firewall, the message being (I’ve removed my IP address):
Your IP address … had been blocked by the firewall due to repeatedly triggering a mod_security filter rule (“Blind SQL Injection Attack” – see sample below). I have unblocked your IP address and disabled the filter rule in question on the assumption that this is a false positive.
—
[Fri Apr 27 16:13:48 2018] [error] [client …] ModSecurity: Access denied with code 406 (phase 2). Pattern match “\\\\b(?:(?:s(?:ys(?:(?:(?:process|tabl)e|filegroup|object)s|c(?:o(?:nstraint|lumn)s|at)|dba|ibm)|ubstr(?:ing)?)|user_(?:(?:(?:constrain|objec)t|tab(?:_column|le)|ind_column|user)s|password|group)|a(?:tt(?:rel|typ)id|ll_objects)|object_(?:(?:nam|typ)e|id) …” at ARGS:data[form_data]. [file “/usr/local/apache/conf/modsec2.user.conf”] [line “134”] [id “950904”] [msg “Blind SQL Injection Attack”] [data “user_password”] [severity “CRITICAL”] [tag “WEB_ATTACK/SQL_INJECTION”] [hostname “bourneendu3a.org.uk”] [uri “/wp-admin/admin-ajax.php”] [unique_id “WuM@LE31QtoAE3U9PlAAAABE”]
I was at the time trying to configure the “User registration” plugin v1.2.5 and it was not behaving as per instructions. (It wouldn’t save a new configuration.) I had deactivated the other plugins (Logged in User Shortcode, Theme My Login, Coming Soon Page & Maintenance Mode) except the last but otherwise it’s a standard 4.9.5 WordPress with Iconic-1 theme. I’ve put requests on WPEverest’s forums but had no help from there.
So what do I do next? Afaics User Registration is the only free plugin that allows controlled signups but I’ll have to assume it’s at fault.