
When using iframe - "The webmaster has forbidden your access to this site"

1 week 4 days ago - 1 week 4 days ago #6951 by tadbrunye
I love SCP, this is a great product and I have been using it for several years now.

I am trying to use an iframe in an article. Here is the iframe code:
<iframe marginwidth="0" marginheight="0" scrolling="no" frameborder="0" src="//ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&amp;OneJS=1&amp;Operation=GetAdHtml&amp;MarketPlace=US&amp;source=ss&amp;ref=as_ss_li_til&amp;ad_type=product_link&amp;tracking_id=core-20&amp;language=en_US&amp;marketplace=amazon&amp;region=US&amp;placement=B072KG85RN&amp;asins=B072KG85RN&amp;linkId=bc978d2cdefb5daa0043e1a218e62022&amp;show_border=false&amp;link_opens_in_new_window=true" style="width: 120px; height: 240px;"></iframe>

This is the error I am getting when I try to Save the article:

The webmaster has forbidden your access to this site


And in the firewall log, here is what I see:

Tags stripped from string (possible XSS attack) :[POST:jform]


Where exactly can I fix this, to prevent this error? I already tried whitelisting my IP in the firewall log. Is there a way to make iframes an exclusion?
Last edit: 1 week 4 days ago by tadbrunye.

1 week 4 days ago #6952 by Jose
Hi tadbrunye,

Thank you very much for your confidence in my extensions!! I'm glad to hear you like them! :)

To solve this just go to Waf configuration -> filter exceptions -> xss tab and set the 'filter all html tags' to No. Doing that you will be able to edit the 'tags to be filtered' field, where you can exclude the 'iframe'.

Regards,
Jose

1 week 4 days ago - 1 week 4 days ago #6953 by tadbrunye
Hi Jose -

When I clicked SAVE after doing this, I got the following error:

418 unused
The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, [email address hidden] and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.


I'm using SCP 3.1.7. Any ideas?
Last edit: 1 week 4 days ago by tadbrunye.

1 week 4 days ago #6954 by Jose
Umm, you're the second customer with the same issue. However, I'm not able to reproduce it.

Can you ask your hosting provider if there is a mod_security rule causing the issue? If they tell you there is no rule, can you send me the error.log of Apache after getting the issue?

Regards,
Jose

1 week 4 days ago - 1 week 4 days ago #6955 by tadbrunye
Looks like mod security is enabled on our dreamhost VPS:

[Thu Jul 11 08:42:36 2019] [error] [client 2601:19f:901:a2a3:90cf:54e:d5e1:1d1f] ModSecurity: Access denied with code 418 (phase 2). Matched phrase "base64_decode" at ARGS:second_level_words. [file "/dh/apache2/template/etc/mod_sec2/99_dreamhost_rules.conf"] [line "256"] [id "1990070"] [msg "Common known arguments for backdoor shell present in ARGS:second_level_words"] [hostname "xxxxxxxxxxxxxxx.com"] [uri "/administrator/index.php"] [unique_id "XSdY7dWjwHTAAAmNc3MAbAAK"]


To avoid this problem, is there a way for me to change the filter exceptions rule manually in the SCP database or files?

In the meantime, I just turned off firewall protection while publishing the article.
Last edit: 1 week 4 days ago by tadbrunye.
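
Added example, not part of the thread or of the extension's code: a small parser for the ModSecurity 2.x error-log line quoted above that pulls out which rule fired, on which request variable, and from which rule file, then builds a `SecRuleUpdateTargetById` directive that exempts only that variable from only that rule. The function names are made up for this sketch, and it assumes whoever administers the Apache configuration can load the directive after the host's rule file.

```python
import re

# Log line exactly as posted in the thread (hostname masked by the poster).
SAMPLE = (
    '[Thu Jul 11 08:42:36 2019] [error] [client 2601:19f:901:a2a3:90cf:54e:d5e1:1d1f] '
    'ModSecurity: Access denied with code 418 (phase 2). '
    'Matched phrase "base64_decode" at ARGS:second_level_words. '
    '[file "/dh/apache2/template/etc/mod_sec2/99_dreamhost_rules.conf"] [line "256"] '
    '[id "1990070"] [msg "Common known arguments for backdoor shell present in '
    'ARGS:second_level_words"] [hostname "xxxxxxxxxxxxxxx.com"] '
    '[uri "/administrator/index.php"] [unique_id "XSdY7dWjwHTAAAmNc3MAbAAK"]'
)

# [name "value"] metadata pairs; values may contain backslash-escaped quotes.
TAG_RE = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')
# Action, HTTP status, phase, match description and the variable that matched.
ACTION_RE = re.compile(
    r'ModSecurity: (?P<action>.+?) with code (?P<code>\d{3}) \(phase (?P<phase>\d)\)\. '
    r'(?P<detail>.*?) at (?P<target>[A-Z_]+(?::\S+?)?)\.(?=\s|$)'
)

def parse_modsec(line):
    """Return the fields of one ModSecurity error-log entry, or None if it is not one."""
    m = ACTION_RE.search(line)
    if not m:
        return None
    event = m.groupdict()
    event["tags"] = dict(TAG_RE.findall(line))
    return event

def matched_phrase(event):
    """Extract the quoted phrase or pattern from the match description, if any."""
    m = re.search(r'"((?:[^"\\]|\\.)*)"', event["detail"])
    return m.group(1) if m else None

def scoped_exclusion(event):
    """Directive that drops only the flagged variable from only the rule that fired.
    It has to be loaded after the file that defines the rule."""
    return 'SecRuleUpdateTargetById {} "!{}"'.format(event["tags"]["id"], event["target"])

if __name__ == "__main__":
    ev = parse_modsec(SAMPLE)
    print("blocked by rule", ev["tags"]["id"], "in", ev["tags"]["file"])
    print("variable:", ev["target"], "| phrase:", matched_phrase(ev))
    print("narrowest exception:", scoped_exclusion(ev))
```

The `file` tag is what shows the 418 came from the host's rule set rather than from the extension's own firewall, so the exception belongs in the server's ModSecurity configuration and keeps every other rule and request variable filtered.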

1 week 4 days ago #6956 by Jose
It's odd because I encoded the 'second level' words to avoid this issue. Can you go to the 'second level' tab and tell me if the words field is encoded? It should be decoded once you click on it.

If you can see the words in plain text just delete the 'base64_decode' (or all the words) and save it. This should work.

Regards,
Jose
