For your information, currently, with the “Prevent Bad Query Strings” option enabled, customers can successfully add new products to the shopping cart on my website without any issues.
However, I am still receiving a “403 Access Denied” error for the following specific URLs, which appear to be older links related to adding products to the cart:
https://avalmabna.com/?add-to-cart=31729&quantity=1&e-redirect=https://avalmabna.com/product/yaal-steel-rail-non-fabric/
https://avalmabna.com/?add-to-cart=31744&quantity=1&e-redirect=https://avalmabna.com/product/yaal-swing-gates-automation-hero/
These two specific URLs return a 403 error unless I disable the “Prevent Bad Query Strings” feature.
Please investigate or advise if possible why these specific older links are still being blocked by the “Prevent Bad Query Strings” feature.
My website is currently running the latest versions of WordPress, the AIOS plugin, and PHP, and everything is up to date.
Thank you.
The problem with whitelisting URLs is that each topic (and profile) has its own URL, so as soon as a user creates a new topic, someone replying to it will get blocked by a false positive.
Is there any way, even with a custom plugin, to whitelist all forum pages?
E.g. /mysite/myforum/*
As it is now, my forum is nearly unusable. I have more than 100 users; I cannot ask them to contact me every time they are blocked so I can whitelist the URL.
Thanks
How to reproduce
Our developers have looked into this issue and have felt that this is a false positive. Kindly confirm if the above files are truly malicious or unsafe.
KC George
Customer Care
https://www.brizy.io/
https://prntscr.com/eNl4MKmZsCmS
https://prntscr.com/AIIT5AuJtHEF
This form appears across all pages on our site.
On the backend, the form has a JS script running that assigns a long random string to the submission. This is because our autoresponder needs each submission to be unique, or it is rejected on the back end.
Really, we need this form to be excepted from Cleantalk.
We have tried adding exclusion by form field name “Phone”, however it does not work, and the error message persists.
How can we resolve this, please?
Thanks,
I’m getting daily emails about something that I don’t need to address.
Is there a way to ignore certain file names when the content of those files changes daily?
In testing the new cloud scanning engine introduced with BLC 2.0, I’ve run into an issue where links that contain a query parameter that cannot be omitted (such as YouTube playlists, Google calendar links, etc.)
I know that removing query parameters is the default behavior, but without some way to allowlist certain parameters or detect when parameters are a meaningful part of a URL (such as trying the URL again with the query parameters included if the stripped URL fails) this leads to a large number of false positives.
One good example is YouTube Playlists. Here’s one for the BLC team to listen to while debugging this issue. Below is an example of testing this URL using the curl command provided elsewhere in the support forum, both with and without the query parameter:
~: curl --header "X-Forawarded-For: 165.227.127.103" -I -A "WPMU DEV Broken Link Checker Spider" "https://www.youtube.com/playlist"
HTTP/2 404
content-type: text/html; charset=utf-8
...
~: curl --header "X-Forawarded-For: 165.227.127.103" -I -A "WPMU DEV Broken Link Checker Spider" "https://www.youtube.com/playlist?list=PLd4WuOjySbJyxmFpBOE71slcbqvK9K2jd"
HTTP/2 200
content-type: text/html; charset=utf-8
...
As you can see from the example, the only difference is the presence or absence of the “list” query parameter. Omitting that will always produce a 404 error. Please provide an update or documentation to address this issue, both for known services, and for others that may be newly created and wouldn’t be on an internal allowlist.
Thank you,
David
For the past few days, one of my Forminator forms has been generating nothing but false positives. In the log, the filters that caused the spam classification are honeypot and timeout every time.
I tested other forms; the first submission works, but the second is marked as spam, again because of honeypot and timeout.
The problem persists when disabling the theme and all plugins except Forminator and La Sentinelle. I also disabled the captcha. I tested on Firefox and on Chrome.
Thanks in advance for your help.
Please fix this error as soon as possible.
UPDATE: I just discovered that there has been a newer release of Security Ninja, and the false positive is now gone.
I hope you’re all doing well. On some sites where I have the LiteSpeed plugin installed, when I access the Page Optimization menu, Kaspersky antivirus reports a Trojan with the following information:
Threat level: High
Object type: File
Object name: admin.php?page=litespeed-page_optm
Type: Trojan Horse
Name: HEUR.Script.Malcrack.gen
I would like to know if anyone else is experiencing this issue. I’m suspecting it might be a false positive.
Thank you!