Support

Hello,

can you please add the string task to the Query parameter field? That should disable the SQLiShield feature as well.

mhm... those seems a little too much.

Let me connect to your site so I can review some settings. Moreover please give me the steps required to replicate the issue.

I have made this ticket private so that only you and me can see the information posted here.

Please provide me with the following information:

1. The URL to your site's administrator login page
2. Super User username and password
3. FTP connection information

Please allow up to one business day (GMT+2 timezone) for me to log in to your site and debug this issue. When I'm done I will post back. Once the issue is fixed, you can revoke my access e.g. by changing the Super Administrator and FTP passwords.

IMPORTANT INFORMATION
In order for me to help you fast and accurately, please provide the information by copying the form below, paste it into your reply and fill in the information:

----- Access Information Form -- START -----
Super Administrator access

• URL to site's administrator page (e.g. http://www.example.com/administrator?foobar):
• Super User username:
• Super User password:

FTP connection information

• FTP methods supported (e.g. FTP, FTPS, SFTP):
• FTP Hostname:
• FTP Username:
• FTP Password:
• FTP Port (if other than 21 for FTP and 22 for SFTP, ask your host):

----- Access Information Form -- END -----

Please make sure that you have tested the Super Administrator connection using a different browser or machine than the one you are using daily. Double check that logging in is possible and that the user has Super User privileges, i.e. it's not a regular Administrator. Make sure that your site does not block whole countries or IP ranges which would make it impossible for me to log in / connect by FTP. Finally, please do make sure that the FTP connection works and that logging in to it I have access to your site's files.

Kindly note that your site connection information and your site content is handled in strict confidence. Not only we are a reputable development company, we are also bound by law (EU GDPR) to do so. After you file your reply, the connection information to your site will be stored in an encrypted, hidden storage area on our site and will be automatically deleted when this ticket is closed. Finally keep in mind that the people providing support to you are the same developers who wrote the software you're using on your site.

My current IP is 176.207.14.110

I just tried to setup a form and... everything went fine (of course!).

I have enable logging to file, when this happens again can you please page me so I can review what's the actual content of the request?

Thank you for the info. Looking at the log, I can see that there are some fields that have the value "Select country". This is a reserved SQL keyword, so the SQL Shield goes berserk and blocks everything.

If it's possible, I'd suggest you to change the "no selection" option to "Pick a country" or "Choose a value", something like that

You're welcome!

I suspect there could be something that can be read as an attack. Does it happen all the time or only when specific data is submitted?

Please get inside the WAF Configuration page and tell Admin Tools to create a log file. When the request is blocked, please get the log file, upload it somewhere and page me. It should say why that request has been blocked, including the offending data.

Thank you very much for the file. Looking at it, it seems that there are several fields that instead of being blank there's a forward slash / 

Is that a default in the form? Is it possible to change? That char is used to separate folder names, so I suspect Admin Tools recognizes it as an attempt to include a file, so it gets blocked. Can you please change the default value or instruct the customer to avoid using that char?

You're welcome!