Menu

Topic-icon Different default configuration for members !!

  • herveD
  • herveD's Avatar Topic Author
  • Offline
  • Senior Boarder
  • Senior Boarder
More
6 months 6 days ago #6813 by herveD
Hi José

I would like to correctly set your extension which is ultra sensitive!
Connected members must be able to publish content (with basic HTML tags) without receiving alarming messages
"A sequence has been detected that could mean a hacker attack. Your request can not be processed. " :silly:

You made suggestions to me that solved the problems. I do not think I've gone back and yet, this continues to block members (including myself if I do posts with firefox and admin with chrome !!)
Would it be possible that natively, you allowed a connected member with rights greater than "author" to be able to not be blocked by publishing content by copying HTML code!

Regards
Attachments:

Please Log in or Create an account to join the conversation.

More
6 months 6 days ago #6814 by Jose
Hi Hervé,

Yes, initially there are many things to be configured as the attack surface is really big and not all the rules can be applied to every site.

Regarding to your question, you can choose to apply or not apply the firewall rules to the user groups desired; this way you can avoid issues with 'sensible' groups. You can do this from Configuration -> Rules management.

Regards,
Jose

Please Log in or Create an account to join the conversation.

  • herveD
  • herveD's Avatar Topic Author
  • Offline
  • Senior Boarder
  • Senior Boarder
More
6 months 6 days ago - 6 months 6 days ago #6827 by herveD
Hi José
1/ I applied the rules (see image) but I wonder what consequence (or problem) that could lead to?
Even if the probability is low, a connected member could publish content with a malicious script?
My need is just not to block registered single members because they copy / paste content with HTML from other sites!
2/ Is it possible to have this fine adjustment?

In a few weeks, I will do 2 or 3 sites with the same configuration (social network, creation of content with HTML possible by members) and I would like to have a suitable setting to no longer solicit you
Regards
Attachments:
Last edit: 6 months 6 days ago by herveD.

Please Log in or Create an account to join the conversation.

  • herveD
  • herveD's Avatar Topic Author
  • Offline
  • Senior Boarder
  • Senior Boarder
More
6 months 6 days ago - 6 months 6 days ago #6828 by herveD
re
3/ for info, after putting this new rule, a friend was still banned with the same message after publishing the event :-( !!!
=> I was thinking of another solution that would validate all trusted members manually so that it is no longer blocked
Last edit: 6 months 6 days ago by herveD.

Please Log in or Create an account to join the conversation.

More
6 months 5 days ago #6832 by Jose
I Herve,

I'm going to publish a new version (3.1.7) to include the improvements I did and to be fully ruse you're up to date with them. After those changes nobody should get the message after publishing html code and you would enable all groups in the "rules management" option.
Please, tell me if you still get the issue after updating.

Regards,
Jose

Please Log in or Create an account to join the conversation.

  • herveD
  • herveD's Avatar Topic Author
  • Offline
  • Senior Boarder
  • Senior Boarder
More
6 months 5 days ago #6838 by herveD
Hi José
OK :) , I'll follow that
Regards

Please Log in or Create an account to join the conversation.

Time to create page: 0.058 seconds
Powered by Kunena Forum

Login or Sign In