angpanday

Its all good now. I really appreciate all your help. Cheers!

Here is the evidence of the issue:

url: https://outbackworx.com.au/ Payload: N/A variants: 6 matched: sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%2 8none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%2 8Macintosh%3B%20Intel%20Mac%20OS%20X%2010_1 4_5%29%20AppleWebKit%2F605.1.15%20%28KHTML %2C%20like%20Gecko%29%20Version%2F12.1.1%20S afari%2F605.1.15; path=/; domain=.outbackworx.com.au Cookies set via JavaScript do not have an associated H TTP response header. ; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28d irect%29%7C%7C%7Cmdm%3D%28none%29%7C%7C %7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28n one%29%7C%7C%7Ctrm%3D%28none%29%7C%7C% 7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none% 29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct %3D%28none%29; path=/; domain=.outbackworx.com.a u Cookies set via JavaScript do not have an associated H TTP response header. ; sbjs_current_add=fd%3D2024-08-27%2015%3A19%3A 30%7C%7C%7Cep%3Dhttps%3A%2F%2Foutbackworx. com.au%2F%7C%7C%7Crf%3D%28none%29; path=/; d omain=.outbackworx.com.au Cookies set via JavaScript do not have an associated H TTP response header. ; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direc t%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7 Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none %29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Ci d%3D%28none%29%7C%7C%7Cplt%3D%28none%29 %7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3 D%28none%29; path=/; domain=.outbackworx.com.au Cookies set via JavaScript do not have an associated H TTP response header

main=.outbackworx.com.au Cookies set via JavaScript do not have an associated H TTP response header. ; sbjs_migrations=1418474375998%3D1; path=/; domain =.outbackworx.com.au Cookies set via JavaScript do not have an associated H TTP response header. ; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3 A%2F%2Foutbackworx.com.au%2F; expires=Tue Aug 2 7 08:49:30 2024; path=/; domain=.outbackworx.com.au; max-age=373 Cookies set via JavaScript do not have an associated H TTP response header. url: https://outbackworx.com.au/product/roo-bottle-opener -and-pry/ Payload: N/A variants: 2 matched: woocommerce_items_in_cart= 302 Found Date: Tue, 27 Aug 2024 15:21:10 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-cache, must-revalidate, max-age=0 expires: Wed, 11 Jan 1984 05:00:00 GMT location: https://outbackworx.com.au/product/roo-bottle-o pener-and-pry/?product_added_to_cart=238&quantit y=1 set-cookie: woocommerce_items_in_cart=1; path=/ woocommerce_cart_hash=5992227348df71aa5b4143c38 e72915e; path=

idence Exceptions, False Positives, or Compensating Controls Noted by the ASV for this Vulnerability wp_woocommerce_session_eca4a8e84b21e0cf06c675c 02e854963=t_5401661741dc7729abe2ad3ed96a58%7C %7C1724944870%7C%7C1724941270%7C%7C843627 ef36fa667d7d5c65e81f62628b; expires=Thu, 29-Aug-202 4 15:21:10 GMT; Max-Age=172800; path=/; secure; Http Only x-cacheproxy-retries: 0/2 x-content-type-options: nosniff x-fawn-proc-count: 3,1,24 x-php-version: 8.0 x-redirect-by: WordPress x-xss-protection: 1; mode=block x-backend: varnish_ssl strict-transport-security: max-age=31536000; includeSub Domains CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 8b9d0cbde8bf312e-LAX alt-svc: h3=”:443″; ma=86400

I have already enabled the basic plugin, but still get the same result.

Thank you for the quick reply Mark. So if I go pro version, will that fix the problem? I don’t have any coding background. I’m just relying on plugins.

By the way, do you want me to post here the evidence to be more elaborate….

Should it look something like this?

ErrorDocument 403 /errors/403.html
Order allow,deny
Deny from 123.123.123.123
Deny from 156.156.156.0/24
Deny from 189.189.0.0/16
Allow from all

Problem solved ??