sp_executesql causes 403 error

  • #34344
    Qtwix
    Participant

    Hi,

    I already contacted the support of my host because I got a 403 Error (publicept-the7.ch 403 Forbidden Error Page) when I tried to save the custom code in the BPS Pro plugin. I identified one single line in the .htaccess file in the section “12. CUSTOM CODE BPSQSE BPS QUERY STRING EXPLOITS” which caused the 403 error which is:

    RewriteCond %{QUERY_STRING} (sp_executesql) [NC]

    Actually, I realized that commenting the line out did not remove the 403 error. And even only the string “# sp_executesql” as a comment caused the error and prevented BPS Pro from saving the custom code. The support of my host already checked the WAF on the server for a corresponding log entry but they couldn’t find anything related to this issue.

    For now, I just deleted the complete line which removes the issue.

    Do you have an idea why this string causes a 403 error (even if it’s commented out)?

    Thanks!

    #34346
    AITpro Admin
    Keymaster

    If you comment out that security rule then you will need to change the security rule above it by deleting “,OR” since the last security rule should not have the “OR” flag since it is the last security rule and there are not any more security rules. See example below. Sounds like your web host is using Mod Security, which could be causing all of the other problems you have mentioned in your other forum topics. Have your web host disable Mod Security and then test things.

    RewriteCond %{QUERY_STRING} (;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|drop|delete|update|cast|create|char|convert|alter|declare|order|script|set|md5|benchmark|encode) [NC]
    #RewriteCond %{QUERY_STRING} (sp_executesql) [NC]

    Common Known Mod Security Problems > https://forum.ait-pro.com/forums/topic/mod-security-common-known-problems/
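
The reply above says that once the sp_executesql rule is commented out, the rule before it must lose its OR flag. As an added example (not part of the original thread and not BPS Pro code), this Python check reports any RewriteCond that still carries OR with no active condition after it; the function name, the sample block and its RewriteRule line are assumptions.

```python
import re

# Trailing flag list of a directive, e.g. "[NC,OR]".
FLAGS = re.compile(r"\s\[([^\]\s]+)\]\s*$")

def dangling_or(htaccess_text):
    """Return (line_number, line) for each active RewriteCond that carries the
    OR flag although no active RewriteCond follows it."""
    findings = []
    last = None  # (line_number, line, has_or) of the latest active RewriteCond
    for number, raw in enumerate(htaccess_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and commented-out rules are not active
        if line.lower().startswith("rewritecond"):
            m = FLAGS.search(line)
            flags = {f.upper() for f in m.group(1).split(",")} if m else set()
            last = (number, line, bool(flags & {"OR", "ORNEXT"}))
            continue
        # Any other directive (normally the RewriteRule) ends the chain.
        if last and last[2]:
            findings.append(last[:2])
        last = None
    if last and last[2]:
        findings.append(last[:2])
    return findings

# Constructed sample: the rule from the reply above with ",OR" left in place,
# the commented-out sp_executesql rule, and an assumed RewriteRule line.
BROKEN = r"""
RewriteCond %{QUERY_STRING} (;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|drop|delete|update|cast|create|char|convert|alter|declare|order|script|set|md5|benchmark|encode) [NC,OR]
#RewriteCond %{QUERY_STRING} (sp_executesql) [NC]
RewriteRule ^(.*)$ - [F]
""".strip()

# Same block after deleting ",OR" as the reply instructs.
FIXED = BROKEN.replace("[NC,OR]", "[NC]")

if __name__ == "__main__":
    for label, text in (("broken", BROKEN), ("fixed", FIXED)):
        hits = dangling_or(text)
        print(label, "->", [n for n, _ in hits] or "no dangling OR")
```
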

    #34425
    Qtwix
    Participant

    Thanks for your support in my recent posts! I’d just like to let you know that you were right. Together with the support of my Host, we’ve isolated the issue which was based on a ModSec rule which caused the 403 error when saving the .htaccess custom code in BPS Pro. So, everything’s fine now on my site 🙂

    Cheers
