
Does Shortcodes Ultimate trigger the SCP Firewall?

5 days 22 hours ago - 5 days 22 hours ago #8085 by azurelinksc
Hola Jose,

A client's site is having random IP blocks occurring. I checked the logs for the latest IP (the client's) whose staff was being blocked, and it looks like they were just trying to access a K2 Item which had Shortcodes Ultimate code snippets placed in the content.

Here are facsimiles of the two code snippets in the content:

[vimeo url="vimeo.com/clientvideoid" height="450"]

and

[icon icon="icon: facebook" background="#306199" color="#ffffff" size="32" padding="20px" radius="2px" url="www.facebook.com/clientaccount?fref=ts"]
[icon icon="icon: twitter" background="#26C4F1" color="#ffffff" size="32" padding="20px" radius="2px" url="twitter.com/clientaccount" target="_blank"]
[icon icon="icon: linkedin" background="#007BB6" color="#ffffff" size="32" padding="20px" radius="2px" url="www.linkedin.com/company/clientaccount/" target="_blank"]
[icon icon="icon: envelope" background="#686565" color="#ffffff" size="32" padding="20px" radius="0" url="eepurl.com/clientcode" target="_blank"]

Would these trigger the SCP Firewall?

The K2 URL looks similar to this:

www.clientsite.com/news-feed/item/123-alias-of-the-article.html

And if I need to exclude it in SCP, do I just include the extension's component, module, and plugin directory names, separated by commas?

In which tabs under WAF Configuration/Filter Exceptions?

Check Header/Referer
Check Base64 format
XSS
SQL Injection
'LFI' filter
'Second level' filter

For the record, these are the directory names of the Shortcodes Ultimate extension:

com_bdthemes_shortcodes (components)
shortcode_ultimate (plugins/editors/xtd)
shortcode_ultimate (plugins/content)
removeshortcode (plugins/search)
bdthemes_shortcodes (plugins/system)

Which/what would I enter in the parameters for exceptions?

FYI, the page loads fine for me and does not trigger a block, but my IP is in the whitelist with whitelist priority 1.

Thanks in advance for your help.

5 days 21 hours ago #8086 by Jose
Hi azurelink,

Check if the XSS filter is configured to filter all HTML tags (WAF Configuration -> Filter Exceptions -> XSS tab):


If so, then no HTML tags will be allowed. Do you have any log entry when this issue arises? I just want to confirm the rule applied.

Regards,
Jose