Ecommerce Shopify WordPress Discussion

SQL injection error in Modsecurity logs in Plesk

I am receiving the following error for 1 of my wordpress site running on a Plesk server. [client] ModSecurity: Access denied with code 403 (phase 2). Pattern match "[\\\\[\\\\]\\\\x22',()\\\\.]{10}$|\\\\b(?:union \\\\sall\\\\sselect\\\\s(?:(?:null|\\\\d+),?)+|order\\\\sby \\\\s\\\\d{1,4}|(?:and|or)\\\\s\\\\d{4}=\\\\d{4}|waitfor\\\\sdelay\\\\s' \\\\d+:\\\\d+:\\\\d+'|(?:select|and|or)\\\\s(?:(?:pg_)?sleep\\\\(\\\\d+ \\\\)|\\\\d+\\\\s?=\\\\s?(?:dbms_pipe\\\\.receive_message\\\\ ..." at REQUEST_COOKIES:sbjs_first. [file "/etc/httpd/conf/modsecurity.d/rules /comodo_free/22_SQL_SQLi.conf"] [line "66"] [id "218500"] [rev "18"] [msg "COMODO WAF: SQLmap attack detected||website name|F|2"] [data "Matched Data: |||id=(none) found within REQUEST_COOKIES:sbjs_first: typ=typein|||src=(direct)|||mdm=(none)|||cmp=(none)|||cnt=(none)|||trm= (none)|||id=(none)"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "website name"] [uri "/wp-login.php"] [unique_id "ZamB- 8j9IfDbYiJgRoahGwAAAAM"], referer: When I visited some pages on the frontend it gives this error: Server Error 403 Forbidden You do not have permission to access this document. That's what you can do Reload Page Back to Previous Page Home Page I wonder if this a real attack? or false positive I was able to export the site to local. It seems working ok there.
CRS dev-on-duty here. Even if you don't use CRS rules and this is a problem of COMODO WAF rules, I'll try to help. While searching for the cookie name sbjs_first, I found this GitHub issue here, which is an indication that this sourcebuster cookie looks legitimate. Maybe you'll even the solution to your problem in one of the comments in this issue. If this isn't the solution, you may need to tune the rules. Maybe you can also use our (CRS) documentation on false positives and rule tuning.

January 20, 2024

TurboCommerce make the better internet purchasing globaly

Turbo Multi-language Translator

Make the better internet purchasing globaly

Turbosify SEO Speed Booster

5.0 (7) Free plan available
Get better conversions by improving store loading speed Installed

Turbo Multi-language Chat - AI Customer service in one hand

TurboCommerce make the better internet purchasing globaly
Our products

The help you need, when you need it

App by Turbo Engine

3 apps • 5.0 average rating

Turbosify Speed Booster

5.0 (7)
Get better conversions by optimizing shopify store Google page speed Installed

Turbosify Translator for Wordpress Woocommerce

5.0 (74) Free Wordpress Woocommerce Plugin
Translate your wordpress website to multiple language within 1 click, no configuration needed, no No technical required

Grow your business here

Whether you want to sell products down the street or around the world, we have all the tools you need.