AMP Plugin Triggering ModSecurity Hits

  • Resolved fidosysop

    (@fidosysop)


    6 years, 9 months ago

    Noticing ModSecurity hits in my WHM / cPanel v68.0.28

    930110 Path Traversal Attack
    Request: GET /wp-content/plugins/amp/assets/css/’../images/amp-icon.svg’
    Action Description: Warning.
    Justification: Matched phrase “../” at REQUEST_URI.

    Any suggestions?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Weston Ruter

    (@westonruter)

    Here is the code in question that is triggering that:

    https://github.com/Automattic/amp-wp/blob/0.6.1/assets/css/amp-post-meta-box.css#L27-L38

    I’m not sure what can be done since it needs to locate assets that are relative to where the stylesheet is. When I look at the request being made by Chrome it resolves the relative path to be: /wp-content/plugins/amp/assets/images/amp-icon.svg

    Does ModSecurity indicate the user agent that was making the request. I don’t see why ModSecurity is reporting that as an error.

    Thread Starter fidosysop

    (@fidosysop)

    Don’t know much about ModSec.. However it’s only effecting my IP when I’m logged in. Maybe a WordPress toolbar incompatibility somehow?

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘AMP Plugin Triggering ModSecurity Hits’ is closed to new replies.