capsulacorp

IMHO The problem is not from woocommerce. Is about the security filters of the web hosting. In our case we detected that the woocommerce sites with the issue are in hostings managed by us that have “mod-security” activated and the problem began with the update yesterday of one of the rulesets of mod-security. In our case we have imunify360 ruleset as a vendor and the problem was in the rule “77350026”. The vendor had patched a solution that maybe will be ready in a few time. In our case we disabled the complete ruleset while fix is arriving automatically.

contact with your hosting provider, they will fix ruleset

you don’t have to disable mod-security. Only the rule with the problem and notify to the ruleset the problem

Yes I can confirm problem in solved in the other woocommerce installations. The problem in out case was simply false positive modsecurity rules (in imunify360 vendor)

Same problem here.
Suddenly today, without explanation, many WooCommerce stores that we have worked on over the years stopped working correctly. We have WooCommerce stores in different locations in different data centers and they belong to different servers / clients, etc.
Today the ability to create or delete WooCommerce products stopped working. Sometimes it gives a 404 error and other times a 403 error depending on the project.

We have found a single pattern and is that WooCommerce installations that are causing problems have mysql version 5.7.
How do we solve this disaster? If it was something related to the mysql version, as we suspect, it would make no sense for something to stop working without prior notice.
I hope someone can find an urgent solution. Thanks.

Edit: I found one woocommerce installation running with mysql 8.0 and same problem: 404 after create or delete a new product

Edit2: I fixed the problem. In my case was a mod_security false positive.
I checked apache error_log and found this:

[Thu May 16 21:05:43.104206 2024] [security2:error] [pid 19101:tid 47550931134208] [remote x.x.x.x:65418] [client x.x.x.x] ModSecurity: Access denied with code 403 (phase 2). Match of “rx ^$” against “ARGS:product_shipping_class” required. [file “/etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-apache/006_i360_custom.conf”] [line “639”] [id “77350026”] [msg “IM360 WAF: Track suspiciious Spring Framework requests||T:APACHE||MVN:ARGS:product_shipping_class||MV:-1||”] [severity “CRITICAL”] [tag “service_im360”] [hostname “domain.com”] [uri “domain.com/wp-admin/post.php”] [unique_id “ZkZZBqvk961AERPW7wGwLAAAFwY”], referer: https://domain.com/wp-admin/post.php?post=15623&action=edit

I simply deactivated mod_sec ruleset involved in false positive and it worked.
I will test in my other sites.

• This reply was modified 9 months, 3 weeks ago by capsulacorp.
• This reply was modified 9 months, 3 weeks ago by capsulacorp.