• The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue modsecurity block wordpress admins

Michael Huber

Basic Pleskian
I read the howto to find out the ID .. but in my logfile there is to this event no ID..

how can I stop the admins from being blocked?

--13f9e059-A--
[09/Apr/2019:17:09:57 +0200] XKy1wVdi8vEAAEi-kCsAAAAA xx.xx.xx.xx 53359 xx.xx.xx.xx 7081
--13f9e059-B--
POST /wp-admin/admin-ajax.php HTTP/1.0
Host: www.hide.tld
X-Real-IP: xx.xx.xx.xx
X-Accel-Internal: /internal-nginx-static-location
Connection: close
Content-Length: 53
accept: */*
origin: https://www.hide.tld
x-requested-with: XMLHttpRequest
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
referer: https://www.hide.tld/wp-admin/admin.php?page=wps_overview_page
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7
cookie: wordpress_sec_4c8b704ba82cbdcef4248d59ea76abb9=poshpi%7C1554798484%7C5atVLz83oa0Vt0ezr4Vhxogk0z7Amv86mrdOBsXBMCQ%7C0afb0fb4f45f7a2916610eb016d9e9c894771f6829e8d6c75fa7dde4f094e4b2; wordpress_test_cookie=WP+Cookie+check; wordpress_logged_in_4c8b704ba82cbdcef4248d59ea76abb9=poshpi%7C1554798484%7C5atVLz83oa0Vt0ezr4Vhxogk0z7Amv86mrdOBsXBMCQ%7C14183ffa3f9a8f626a2cbee14312a91891aadd5f3633035da6f1407697754f7a; PHPSESSID=dpsqbddv7ou7i1qqinnhjmng77; wp-settings-3=editor%3Dtinymce%26libraryContent%3Dbrowse%26imgsize%3Dfull%26advImgDetails%3Dshow; wp-settings-time-3=1554625687

--13f9e059-C--
action=wp_statistics_get_widget_contents&widget=about
--13f9e059-F--
HTTP/1.1 400 Bad Request
X-Powered-By: PHP/7.0.33
Pragma: no-cache
Access-Control-Allow-Origin: https://www.hide.tld
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-Powered-By: PleskLin
Connection: close
Content-Type: text/html; charset=UTF-8

--13f9e059-H--
Apache-Handler: proxy:unix:///var/www/vhosts/system/hide.tld/php-fpm.sock|fcgi://localhost/
Stopwatch: 1554822593850232 3399627 (- - -)
Stopwatch2: 1554822593850232 3399627; combined=3395, p1=2, p2=3383, p3=4, p4=1, p5=4, sr=0, sw=1, l=0, gc=0
Producer: ModSecurity for Apache/2.8.0 (ModSecurity: Open Source Web Application Firewall 201810311011.
Server: Apache
Engine-Mode: "DETECTION_ONLY"

--13f9e059-Z--
 
Back
Top