lodi646.com login,online slot machine games free.REGISTER NOW GET FREE 888 PESOS REWARDS!

Resolved MrBrian
(@mrbrian)

9 years, 3 months ago

Our blog has many editors, and one of them was having a problem saving drafts, previewing, and submitting their blog post. Ninjafirewall triggered rule 214 everytime, not sure why.

[POST] [/wp-admin/admin-ajax.php] [SQL injection (alter/create/drop)] [POST:data = 92820%0apost%0a322%0aChina’s Second Continent%0a<img id=”yui_3_10_0_1_1440031765476_1764″ src=”https://static2.businessinsider.com/image/50290f926bb3f76b7d000000-1000-980/map-chinese-investments-in…%5D

https://www.ads-software.com/plugins/ninjafirewall/

Viewing 7 replies - 1 through 7 (of 7 total)

Plugin Author nintechnet
(@nintechnet)

9 years, 3 months ago

Hi,

You can simply disable that rule from the “Rules Editor” menu.

There have been two other discussions here about this rule:
–Blocks legit page updates by logged in user.
–Question about whitelists and user accounts

I’ll check how to improve it, if possible.
gagomap
(@gagomap)

9 years, 3 months ago
i have a same problem when login by UserPro Plugin
```
03/Sep/15 04:24:22  #2760771  critical   214  123.18.107.160   POST /wp-admin/admin-ajax.php - SQL injection (alter/create/drop) - [POST:shortcode = [userpro layout="float" collage_per_page="20" emd_paginate_top="1" emd_paginate="1" emd_gender="Gender,radio" emd_country="Search by Country,dropdown" emd_photopreference="Photo Prefe...]
03/Sep/15 04:25:26  #6794876  critical   214  123.18.107.160   POST /wp-admin/admin-ajax.php - SQL injection (alter/create/drop) - [POST:shortcode = [userpro layout="float" collage_per_page="20" emd_paginate_top="1" emd_paginate="1" emd_gender="Gender,radio" emd_country="Search by Country,dropdown" emd_photopreference="Photo Prefe...]
```
gagomap
(@gagomap)

9 years, 3 months ago

i have a same problem when login by UserPro Plugin

03/Sep/15 04:24:22 #2760771 critical 214 123.18.107.160 POST /wp-admin/admin-ajax.php – SQL injection (alter/create/drop) – [POST:shortcode = [userpro layout=”float” collage_per_page=”20″ emd_paginate_top=”1″ emd_paginate=”1″ emd_gender=”Gender,radio” emd_country=”Search by Country,dropdown” emd_photopreference=”Photo Prefe…]
03/Sep/15 04:25:26 #6794876 critical 214 123.18.107.160 POST /wp-admin/admin-ajax.php – SQL injection (alter/create/drop) – [POST:shortcode = [userpro layout=”float” collage_per_page=”20″ emd_paginate_top=”1″ emd_paginate=”1″ emd_gender=”Gender,radio” emd_country=”Search by Country,dropdown” emd_photopreference=”Photo Prefe…]

Plugin Author nintechnet
(@nintechnet)

9 years, 2 months ago

Hi,

You can safely disable that rule from the “Rules Editor”.

gagomap
(@gagomap)

9 years, 2 months ago

Thanks,
A small question: Which port does NinjaFirewall use to send mails ?

Plugin Author nintechnet
(@nintechnet)

9 years, 2 months ago

It uses the WordPress wp_mail() function for most emails.

It also uses the PHP mail() function but only for emails that are sent from the firewall (because WordPress is not loaded when it is running). This applies to:
-File Guard alerts (WP and WP+ editions).
-Web Filter alerts (WP+ edition only).

gagomap
(@gagomap)

9 years, 2 months ago

Thanks,

Viewing 7 replies - 1 through 7 (of 7 total)

The topic ‘Rule 214 false positive’ is closed to new replies.