One user blocked for LFI but not me

  • djason

    (@djason)


    8 years ago

    A user with the role of Editor is attempting to import a CSV using TablePress. He’s done this countless times before but now is getting blocked with “blocked by firewall for LFI: Local File Inclusion in POST body”. If I do the same operation, under an administrator account, I do not get an error. Why? I also tried with a test user with Editor permission and get the same result:

    403 Forbidden
    A potentially unsafe operation has been detected in your request to this site.

    I also do not see anything in the CSV that would cause this. There are no links. I whitelisted the param and the problem went away.

Viewing 1 replies (of 1 total)
  • wfalaa

    (@wfalaa)

    Hi djason,
    For “admin” users it’s normal that their requests aren’t blocked because they are excluded from the firewall rules, regarding “editor” users, I suggest switching the “Firewall Status” to “Learning Mode” under (Wordfence > Firewall) then try performing the same action you were doing with TablePress while logged in with an editor user account and the Firewall will learn to whitelist this action in the future, after that you can revert the Firewall Status back to “Enabled and Protecting”.

    Let me know how it goes,
    Thanks.

Viewing 1 replies (of 1 total)
  • The topic ‘One user blocked for LFI but not me’ is closed to new replies.