My own ip in attack

  • Resolved mojo21

    (@mojo21)


    6 years, 2 months ago

    I just got a mail that say that my attack increased and it shows this

    January 21, 2019 12:56pm 185.195.19.206 (Romania) Blocked for XSS: Cross Site Scripting in POST body: strings=[{“node”:{},”original”:”\n\n(function() {\n\twindow.trackingUtils=function(l,c,e,o,p,h,d,q,s,n){var ê

    for several times in my wordfence mail, note that 182.195.19.206 it’s my ip could I triggered the attacks without my knowing?

    Or can someone explain to me what this attack means?

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)

  • Hi @mojo21,

    I believe this is a false positive caused by one of the widgets you have installed named Amazon Recommendations.

    This is not an attack, it is this widget sending some data to your server, and Wordfence thinking that is might be malicious.

    Can you follow these steps to whitelist this widget?

    1. Go to Wordfence -> All Options
    2. Scroll down until you see Whitelisted URLs
    3. Put / for the URL
    4. Select Param Type: POST Body for the dropdown
    5. Put strings for the Param Name
    6. Click Add
    7. Click Save Changes in the top-right corner

    For example: https://i.imgur.com/KZo8JkB.png

    Dave

    Thread Starter mojo21

    (@mojo21)

    I don’t have the Amazon Recomandation widget. I’m don’t remember installing that widget at all.

    Could it be something else?

    It may be a different plugin or widget that is producing this request.

    If you would like, you can post your website’s URL here and I’ll take a look to see what I can find.

    You can also provide me with the list of plugins and widgets you have currently active on your site.

    By the way, does the whitelist work?

    Dave

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘My own ip in attack’ is closed to new replies.