Navigation
This is archived content. Visit our new forum.

Tagged: 

  • Author
    Posts
  • #1218837
    kawadataro
    Participant

    Not sure why but it happened twice today. Asked my hosting and their reply was …

    Your web scripts contains XSS vulnerability which is causing your IP blocked by firewall for security reasons. We have unblocked the IP for you, you should be able to access now.
    To avoid similar blocking, you may need to fix the security hole in your web script by upgrading all scripts to latest version and remove all security vulnerable plugins and theme.

    Anyway to fix this?

    #1218838
    kawadataro
    Participant
    This reply has been marked as private.
    #1218905
    Paul R
    Moderator

    Hi,

    Would you mind providing us with login credentials so we can take a closer look? To do this, you can make a post with the following info:

    – Link to your site
    – WordPress Admin username / password
    – FTP credentials

    Don’t forget to select Set as private reply. This ensures your information is only visible to our staff.

    #1218917
    kawadataro
    Participant
    This reply has been marked as private.
    #1218922
    Paul R
    Moderator

    Hi,

    Upon checking, I can see all theme and plugins are up to date.

    I check the plugins and all are listed to be compatible with xtheme.

    Can you try to contact your host again and let them specify which plugin or script is causing the issue.

    Thanks

    #1218979
    kawadataro
    Participant
    This reply has been marked as private.
    #1219039
    Rad
    Moderator

    Hi there,

    Your hosting’s security detected XSS attack. It usually is done through @import, iframe, backgrounds, and any resources that load on a site. And the attack usually happens when an attacker supplies different URL as the gateway for them. According to that log, it detected the CSS’s @import which usually comes with the theme. The problem with that is they can’t really tell if it’s an attack or a valid request. The theme supplies those URLs and not by attackers, another example is google fonts, they use and recommend @import when linking fonts.

    The solution for this is to verify if those requests are really an attack or just a false positive. If they are valid, then they should allow it, if not, then they should point out which URLs are doing that attack.

    Thanks!

    #1219048
    kawadataro
    Participant
    This reply has been marked as private.
    #1219083
    Rad
    Moderator

    Hi there,

    Managed is better than shared, still, it’s not related to the security the hosting has. You should contact the hosting provider to solve all security issues. It can’t be controlled by WordPress, hence its theme and plugins too.

    Thanks!

    #1219114
    kawadataro
    Participant

    Ugh… yeahhost is not responding to my requests well. Anyway, is it possible if i develop the site locally ie, xampp, then upload it to the live site?

    #1219199
    Paul R
    Moderator

    Hi,

    Yes that’s possible.

    Just note that you need to follow our migration guidelines for your site to work correctly after transfer.

    https://community.theme.co/kb/cornerstone-migration/

    Thanks

  • <script> jQuery(function($){ $("#no-reply-1218837 .bbp-template-notice, .bbp-no-topic .bbp-template-notice").removeClass('bbp-template-notice'); }); </script>