Email Question:
I am experiencing a data corruption problem in the frontend since 13/04/2017. The database shows the correct form field text but the frontend don’t.
Whilst struggling to resolve this Portal HUB-page issue I came across Imunify360.
The smuggling attacks listed is my IP address whilst I worked on the form that is corrupt.
My questions to BPS Pro are:
• Does BPS Pro protect smuggling attacks inside our portal?
• Does BPS Pro protect WordPress login attempt? (also listed in the events log)
• Must humpthy continue with the ModSecurity status ON or OFF?
This is what our ISP says:
Imunify360, which we have installed on all our servers, simply combines all the protections we used to run on our servers (mod_security, a malware scanner, firewall and so on) in one tool, which makes it easier for us to manage, and easier for clients to unblock themselves (with the captcha form you saw) from a server.
I suspect that it is possibly a new mod_security rule (rules re added and updated frequently to counter new attacks) which might have caused the problem.
As you can see in the attached screenshot, most mod_security protections for your website are triggered by people trying to hack into your wordpress. There are a few “http smuggling attack” protections listed.
I have whitelisted that mod_security rule (217280) to see if that solves the problem you’re having. If you continue to have problems, you can test if its mod_security yourself, by clicking on MODSECURITY in your cpanel and temporarily disabling it.