See http://wordpress.org/support/topic/345543?replies=2 I have been receiving SQL injection attack warnings from Wordpress Firewall claiming the offending parameter is wassup_screen_res = 1280x768 or other screen resolution. When I deactivate Wassup the problem goes away. I left a similar message with the Firewall folks. In Firewall you are supposed to be able to whitelist offending parameters as well as pages. White listing parameters seems to have no effect. It doesn't matter whether I am viewing WASSUP at the time of the reports the occurrences happen whenever. I cannot make them occur at will. The first thing sent by the user is usually does a basic page or post url without a parameter. This is happening on all three of my blogs but has become more frequent. I'd say over the last three months or so. Are these two plugins colliding in the background?
WordPress SEO Egghead Firewall and Wassup
(7 posts) (3 voices)-
Here is a sample email from the Firewall:
WordPress Firewall has detected and blocked a potential attack!
Web Page: http://www.drumpoint.org/2010/01/members-whats-new-2010-vsc-decals-delayed/index.php?wpgb_public_action=query&visit_delta=0&closed=&logged_in=&referrer=http%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3D%2BWinter%2Bedition%2B2010%2Bof%2Bthe%2BRBS%2BAffairs%2BDepartment%2527s%2Bnewsletter%2B-%2BWAVES.%2B%2B%26ie%3Dutf-8%26oe%3Dutf-8%26aq%3Dt%26rls%3Dorg.mozilla%3Aen-US%3Aofficial%26client%3Dfirefox-a&url=http%3A%2F%2Fwww.drumpoint.org%2F2010%2F01%2Fmembers-whats-new-2010-vsc-decals-delayed%2F&title=Members%3A%20What%E2%80%99s%20New%3A%202010%20VSC%20Decals%20Delayed%20%7C%20U.S.%20Coast%20Guard%20Auxiliary
Warning: URL may contain dangerous content!
Offending IP: 68.173.74.1 [ Get IP location ]
Offending Parameter: wassup_screen_res = 1680x1050and another
WordPress Firewall has detected and blocked a potential attack!
Web Page: http://www.drumpoint.org/2010/01/members-whats-new-2010-vsc-decals-delayed/&type=wordpress2.9&wp=abc?_=1262666152667
Warning: URL may contain dangerous content!
Offending IP: 68.173.74.1 [ Get IP location ]
Offending Parameter: wassup_screen_res = 1680x1050WordPress Firewall has detected and blocked a potential attack!
Web Page: http://www.drumpoint.org/
Warning: URL may contain dangerous content!
Offending IP: 68.55.176.178 [ Get IP location ]
Offending Parameter: wassup_screen_res = 1280x768Posted 2 years ago # -
Doug,
The Egghead firewall is blocking the 'wassup_screen_res' cookie that Wassup writes to the visitor's browser to track screen resolution. If you can whitelist cookies, try entering 'wassup_screen_res'. I will also look at this product to see if there is a workaround.-Helene D.
http://techfromhel.webege.comPosted 2 years ago # -
I have the same problem.
I will donate to have it resolved as wassup and firewall are my 2 favourate plugins.I don't think this happened in Wordpress 2.8.6
so it is since 2.9.1 I have noticed the incompatability between the 2.I'm using the latest firewall 1.25, and that version works fine with everything else so far.
That would be great
peterPosted 2 years ago # -
I believe the fix is to add "wassup_screen_res" to Firewall's Whitelist as a "Form Variable".
However, there are other, more serious problems with Wordpress Firewall that WassUp users should be aware of. For more info, read Wordpress support thread: http://wordpress.org/support/topic/345543?replies=7#post-1397776
Posted 1 year ago #
Reply
You must log in to post.