Question about rule #1437

  • Resolved tomdkat

    (@tomdkat)


    8 months ago

    Hi! For about 2 weeks straight now, one of the sites I maintain has been getting hammered with attempts to “exploit” critical rule #1437. What I mean is, the NinjaFirewall log contains over 11,000 entries, most of which or blocks of a handful of IP addresses and firewall rule #1437 being identified as the relevant firewall rule.

    This might be a stupid question but should I be very concerned about this activity? Outside of the firewall logs, the site runs fine and I’m able to access WordPress without issue,etc.

    Thanks in advance!

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author nintechnet

    (@nintechnet)

    Rule #1437 protects against a vulnerability in Popup Builder < 4.2.3, which was disclosed last December. If you have that plugin, make sure it is up to date.

    Thread Starter tomdkat

    (@tomdkat)

    Sorry for the delayed response and thanks for the info! Believe it or not, the attack HAS NOT STOPPED since I started this thread! I do have the latest/current version of the plugin so I’m not as worried/concerned.

    Thanks again!

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Question about rule #1437’ is closed to new replies.