I upgraded yesterday and now our admin users are complaining that they cannot save records (invoices and Newsletters from 2 components), instead they get 'The webmaster has forbidden your access to the site'.
The firewall log shows the following errors:
Line comments :[POST:editor_body]
SQL pattern detected :[POST:pay_inst_1]
Backslashes added to characters :[POST:pay_inst_1]
I have temporarily added filters for these for the two components but concerned at having to do this and also concerned as to what else is affected.
Since this version (3.1.6) all firewall rules are also applied to super user accounts (previously that group were excluded) to get a better protection against threats targeting them. So adding those exceptions should solve your issue.
I apologize for all the inconveniences caused.
Edited: Remember you can choose to which groups apply firewall rules from Configuration -> Rules management.
Last edit: 5 months 4 weeks ago by Jose. Reason: Add more info about 'rules management'
After checking the code I have added some improvements to avoid false positives in the administrator area. I have updated 3.1.6 version file, so anyone experiencing false positives can download and update this version again.
I can confirm that even after instaling the latest file I am getting 'The webmaster has forbidden your access to the site' for something as simple as saving two lines of text in K2. Started since 3.1.6 version. This is preventing me from updating the website. This is happening irrespective of the level of the user (Super User, Admin, Manager). I really need a solution or will have to uninstall Security Check pro.
I have Easy Config setup, running Joomla 3.9.6. The website has had no issues until 3.1.6 upgrade.