Forum Support

Shape 5
Author Topic: Image and Content Fader V3 - 403 Error  (Read 889 times)
sheldesign
« on: October 31, 2016, 06:08:19 PM »

Hi

I built a site using the Spectrum template in April 2015. I have since been doing regular maintenance on this site for the client and have had no issues with it.

But just last week I discovered an issue with a module using the Image and Content Fader. When I try to make any changes and click 'save' I get a '403 Forbidden' error page. In fact, when I simply open the module and then click close, I also get the '403' error page. I have also tried creating a new module using the Image and Content Fader, and likewise get a '403' Error.

I have 14 other existing modules using the Image and Content Fader and they can be modified and saved/closed without getting the 403 error. It is only the one module above (and when trying to create a new one) that I get the error. I can create new modules using other extensions, etc, but not the Image and Content Fader.

I have asked the web host to look into it, as it seemed like it must be a server issue. They have come back with the following:

"The module on Joomla seems to be vulnerable to a X-Changer SQL Injection Vulnerability which ModSecurity has flagged.
==================================================================
Nov 1 05:17:10 httpd [modsecurity] [Tue Nov 1 05:17:10 2016] [error] [client 101.0.127.12] ModSecurity: Access denied with code 403, [Rule: 'ARGS:from|ARGS:into|ARGS:id' '(?:(?:select|grant|delete|insert|drop|alter|replace|truncate|update|create|rename|describe)[[:space:]]+[a-z|0-9|\*| |\,]+[[:space:]]+(?:from|into|table|database|index|view)[[:space:]]+[a-z|0-9|\*| |\,]|\'|union.*select.*from)'] [id "390025"] [msg "Atomicorp.com WAF Rules - Virtual Just In Time Patch: X-Changer SQL Injection Vulnerability"]
==================================================================
As you are on a shared hosting package, at this stage we would recommend disabling this plugin and use an alternative."

I explained that it's not a plugin and that I don't have an alternative to use! And I explained what I have detailed above to you.

Can you shed any light on this?

many thanks
Michelle
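
Added example (not part of either poster's message, the Shape 5 module, or the Atomicorp rule set): the pattern in the log line above is a ModSecurity rule, and this Python sketch shows which request arguments it inspects and what kind of value it matches. It assumes `[[:space:]]` can be written as `\s` and reads the rule's opening group as `(?:(?:`; the sample requests are constructed.

```python
import re

# Pattern taken from the ModSecurity log line in the post, adapted for Python's
# re module (assumptions of this example): the POSIX class [[:space:]] is
# written as \s and the opening group is read as "(?:(?:".
# Transformations the live rule may apply (for example lowercasing) are not
# visible in the log and are not modelled here.
RULE_390025 = re.compile(
    r"(?:(?:select|grant|delete|insert|drop|alter|replace|truncate|update|"
    r"create|rename|describe)\s+[a-z|0-9|\*| |\,]+\s+"
    r"(?:from|into|table|database|index|view)\s+[a-z|0-9|\*| |\,]"
    r"|\'|union.*select.*from)"
)

# The rule's variable list is ARGS:from|ARGS:into|ARGS:id, so only request
# arguments with these names are inspected.
TARGET_ARGS = ("from", "into", "id")


def flagged_args(params):
    """Return the names of request arguments this rule would match."""
    return [name for name in TARGET_ARGS
            if name in params and RULE_390025.search(params[name])]


# Constructed sample requests (not taken from the site in the thread).
SAMPLES = {
    "numeric id": {"id": "42", "title": "Home page fader"},
    "apostrophe outside targets": {"id": "42", "title": "Client's banner"},
    "apostrophe in id": {"id": "client's-banner"},
    "sql-shaped text in from": {"from": "select name from users"},
}

if __name__ == "__main__":
    for label, params in SAMPLES.items():
        hits = flagged_args(params)
        verdict = "403 on " + ",".join(hits) if hits else "pass"
        print(f"{label:28} -> {verdict}")
```

The `|\'|` alternative means a single apostrophe in an argument named `from`, `into` or `id` is enough for a match, so the rule fires on the shape of the request data rather than on anything inside the extension's code.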
mikek
« Reply #1 on: November 01, 2016, 07:52:14 AM »

Hello,

I am not sure what they are trying to show in that code you pasted, that's not from our module. There is a variable called "args", but that's just an array, the rest of the code given is not in our module. Their explanation also doesn't explain why it would work on your other copies and not this one. If those are on the same site, perhaps it's easier to just re-create that copy of the module.

I would suggest updating the module to the latest files. If it has code in it that's not from our original, that tells me something has been modified.

And to be clear there's nothing in the module that has any potential to cause an injection, and we've never had a report of such.

Mike Knott
------------
Shape 5 Team

sheldesign
« Reply #2 on: November 01, 2016, 05:04:21 PM »

Hi Mike

Yes that's exactly what I said to them - if there was an error with the module none of them would work. Nothing has been modified and it's been working fine for the past year (the error only started last week). That's all great information though - I will pass that on to them as more evidence that it's something on the server, not the site.

thanks!