I use RSForm Pro witn Google reCaptha 2. After installing Securitycheck Pro visitors can not send a message because Securitycheck blocks reCaptcha request like SQL Injection (look screenshot).
How can I privent such behavior?
Just add what appears in the component row (I can't see it in the attachement) to the Line comments filter exceptions (Web firewall configuration --> Filter exceptions --> SQL Injection tab) or enable the 'Easy config' option (you can find it in Securitycheck Pro main panel).
exact the same happens on my site: the joomla contact form cannot send anymore, I get a 400 error if I try to send a message. I use Google reCaptcha - noCaptcha.
What should I do in the exception tab? I don't want to do the Easy config, because I want to have the best security but the normal functions should work at all. Or is there an option to make Securitycheck Pro know that we use Google reCaptcha or to set the exception easy?
Thanks in advance, Verena
Just follow what I said in the message above; the exceptions mechanism works adding the extension involved to the filter applied, so adding what appears in the component row to the Line comments filter exceptions (Web firewall configuration --> Filter exceptions --> SQL Injection tab) will solve your issue.
Hola Jose, it would be helpful if you could tell us how to determine what text to use to enter into the field? For instance, when I look in Extensions/Manage and search for captcha, I see this: " CAPTCHA - reCAPTCHA". But and when I login via FTP I see /plugins/captcha/recaptcha. I note in the SQL tab that the syntax matches the component directory format, e.g., com_kunena, which is easy enough to understand. What is the format or syntax for plugins?
Btw, in the above, you inferred that using the Easy Config setting would create the recaptcha filter, and I tried it, but it didn't set a filter for recaptcha, infact it deleted my other filters.
*** UPDATE: *** I didn't see the asterisk character in the various SQL Injection fields under Line Comments. I assume that they are wildcard for all extensions. Sorry
Yes, the "Easy config" feature should solve your issue as many times this blocking is caused by false positives of some SQL injection filters. Anyway, when the firewall blocks something you can add an exception looking at the "component" row into the "View firewall logs" option.