Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

403 error from adding custom rule – require clean data #4

Open
motiv8d opened this issue May 15, 2020 · 3 comments
Open

403 error from adding custom rule – require clean data #4

motiv8d opened this issue May 15, 2020 · 3 comments

Comments

@motiv8d
Copy link

motiv8d commented May 15, 2020
edited
Loading

I am evaluating querywall and like its premise. However, am experiencing complete lockouts, including to admin, by the plugin with resulting 403 error.

Steps to reproduce problem:

  1. Install querywall on WP 5.4.1 under cpanel
  2. Activate
  3. Add multiple rules to test to first rules panel that should not conflict with any actual operations nor have possibility of being triggered eg:
    abracadabra.php
    pillowvirus.php
    (Note: the above two filenames do not exist in the file system)
  4. Save
    This results in immediately being locked out with a 403 error

The plugin must then be manually disabled.
Removing and reinstalling the plugin results immediately in the 403 error again.
I can confirm that removing the plugin does the following:
a) removes the files from plugin directory /wp-content/plugins/querywall/
b) removes the table cpaneldbprefix_qwall_monitor

I cannot see where the firewall settings data for querywall are stored. eg: doing a text search in files for “abracadabra” after adding it as a rule does not provide any hits, neither does searching the all of the tables in the database.

Would someone please advise where the rules are stored and how to ensure that all custom rules are being removed for querywall so a completely clean install can be performed?

(Note: Also posted issue at relevant section for wordpress https://wordpress.org/support/topic/403-error-from-adding-custom-rule-require-clean-data/)

And can anyone confirm that querywall is working ok under WordPress 5.4.1 with custom rules added?

Finally, is it possible with querywall to blacklist IP addresses that break the firewall rules for a period of time?

Thank you
@4ley
Copy link
Owner

4ley commented May 15, 2020
edited
Loading

Hi, please let me know which webserver (apache, nginx) and php version you use. Furthermore I need to know where exactly did you add the rules.

About your other question: Blocking IPs temporarily is not yet possible. This feature needs to be developed.

@motiv8d
Copy link
Author

motiv8d commented May 15, 2020

Hi 4ley. Thank you for the prompt reply.
LiteSpeed V7.6
PHP Version 7.2.30

They were entered into the first tab panel of the settings.
I can't recall what it was called now and am unable to reactivate the plugin to check as it gives 403 error as soon as activated now.

Cheers for information on the IP blocking. It sounds like a promising project.

@4ley
Copy link
Owner

4ley commented May 18, 2020

Unfortunately I can't reproduce the error. I tested on Apache with PHP 7.2.31. Rules are stored in WP options under qwall_avc_{qwall_attack_vector} like qwall_avc_request_uri

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@4ley @motiv8d