Issue with Elementor Pro

Hi @ricardorvm,

We use Elementor & Complianz on our own sites as well, and haven’t received other reports about this. As you also state that the combination works fine on your other sites, I’d assume that the issue is isolated to this specific environment.

The 403 Forbidden error means that the server understood the request, but that the access is denied. In most cases, this is related to security plugins/strict security settings.

Do you know of any security plugins/settings that might differ from your other environments? I would recommend starting there.

Just let me know if you have any updates about this.
Kind regards,
Jarno

Hello:

Well, since I also have Complianz running with Elementor pro on numerous websites, and what you tell me about security, I have changed the modsecurity firewall on the server from enabled to detection only, and now the website loads perfectly.

It’s a bit weird, actually, because on the same server I have two other websites working fine with both plugins.

I found this in the modsecurity log about a 403 response that I’m unable to understand:

--efa92453-F--
HTTP/1.1 403 Forbidden
Content-Length: 243
Connection: close
Content-Type: text/html; charset=iso-8859-1

--efa92453-H--
Message: Access denied with code 403 (phase 2). Matched phrase "w00tw00t.at.blackhats.romanian.anti-sec" at REQUEST_FILENAME. [file "/etc/httpd/conf/modsecurity.d/rules/comodo_free/03_Global_Agents.conf"] [line "38"] [id "211010"] [rev "1"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site||194.35.43.200|F|1"] [data "/w00tw00t.at.blackhats.romanian.anti-sec:)"] [severity "ALERT"] [tag "CWAF"] [tag "Agents"]
Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client 139.59.140.199] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "w00tw00t.at.blackhats.romanian.anti-sec" at REQUEST_FILENAME. [file "/etc/httpd/conf/modsecurity.d/rules/comodo_free/03_Global_Agents.conf"] [line "38"] [id "211010"] [rev "1"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site||194.35.43.200|F|1"] [data "/w00tw00t.at.blackhats.romanian.anti-sec:)"] [severity "ALERT"] [tag "CWAF"] [tag "Agents"] [hostname "194.35.43.200"] [uri "/w00tw00t.at.blackhats.romanian.anti-sec:)"] [unique_id "XidFeqWYREgK7fPzxB0powAAAI4"]
Action: Intercepted (phase 2)
Stopwatch: 1579631994099724 4647 (- - -)
Stopwatch2: 1579631994099724 4647; combined=893, p1=597, p2=229, p3=0, p4=0, p5=67, sr=144, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.3 (https://www.modsecurity.org/); CWAF_Apache.
Server: Apache
Engine-Mode: "ENABLED"

Regards

• This reply was modified 3 years ago by RicardoRVM.

Hi @ricardorvm,

The attached log looks unrelated, a quick Google search on the matched phrase “w00tw00t.at…” mentioned reveals that this might have been a request made by a bot/tool that tried scanning your website (but the request was blocked).

But just to confirm, with the current configuration this works as intended?

Kind regards,
Jarno

Hello, Jarno:

Yes, it works now. What happens is that it’s a bit weird that other websites with the same plugins work on the same server, and for this one I have to lower the security.

But it works.

Thanks and best regards

Hi @ricardorvm

Great to hear that your issue is resolved! Could you tell us what you think of the plugin or the support by casting your Review here? We’d love to hear your feedback!