AJAX Search blocked by Sucuri Firewall

Ivory Search Forums Support AJAX Search blocked by Sucuri Firewall

Tagged: , , ,

Viewing 2 reply threads

You must be logged in to create new topic or reply to the topic.

  • Author
    Posts
    • #16321
      Marcus
      Participant
      • Topics: 1
      • Replies: 1

      I am reaching out to seek assistance regarding a compatibility issue with the Ivory Search plugin and the Sucuri Firewall service.

      I have noticed that the AJAX search functionality of the Ivory Search plugin is being blocked by the Sucuri Firewall. I’ve reached out to Sucuri’s support team and they’ve provided me with the following details:

      1. URL: XSS040 GET 403 /wp-admin/admin-ajax.php?action=jet_ajax_search&nonce=69c1f17932&data%5Bsearch_source%5D%5B%5D=finding_aid&data%5Bsearch_taxonomy%5D=&data%5Binclude_terms_ids%5D=&data%5Bexclude_terms_ids%5D=&data%5Bexclude_posts_ids%5D=&data%5Bcustom_fields_source%5D=&data%5Blimit_query%5D=5&data%5Blimit_query_tablet%5D=&data%5Blimit_query_mobile%5D=&data%5Blimit_query_in_result_area%5D=25&data%5Bresults_order_by%5D=relevance&data%5Bresults_order%5D=asc&data%5Bsentence%5D=&data%5Bsearch_in_taxonomy%5D=&data%5Bsearch_in_taxonomy_source%5D=&data%5Bresults_area_width_by%5D=form&data%5Bresults_area_custom_width%5D=&data%5Bresults_area_custom_position%5D=&data%5Bthumbnail_visible%5D=yes&data%5Bthumbnail_size%5D=thumbnail&data%5Bthumbnail_placeholder%5D%5Burl%5D=https%3A%2F%2Fwww.southpeacearchives.org%2Fwp-content%2Fplugins%2Felementor%2Fassets%2Fimages%2Fplaceholder.png&data%5Bthumbnail_placeholder%5D%5Bid%5D=&data%5Bthumbnail_placeholder%5D%5Bsize%5D=&data%5Bpost_content_source%5D=content&data%5Bpost_content_custom_field_key%5D=&data%5Bpost_content_length%5D=30&data%5Bshow_product_price%5D=&data%5Bshow_product_rating%5D=&data%5Bshow_result_new_tab%5D=&data%5Bhighlight_searched_text%5D=&data%5Bsymbols_for_start_searching%5D=2&data%5Bbullet_pagination%5D=&data%5Bnumber_pagination%5D=&data%5Bnavigation_arrows%5D=in_header&data%5Bnavigation_arrows_type%5D=angle&data%5Bshow_title_related_meta%5D=&data%5Bmeta_title_related_position%5D=&data%5Btitle_related_meta%5D=&data%5Bshow_content_related_meta%5D=&data%5Bmeta_content_related_position%5D=&data%5Bcontent_related_meta%5D=&data%5Bnegative_search%5D=Sorry%2C%20but%20nothing%20matched%20your%20search%20terms.&data%5Bserver_error%5D=Sorry%2C%20but%20we%20cannot%20handle%20your%20search%20query%20now.%20Please%2C%20try%20again%20later!&data%5Bvalue%5D=vader&data%5BdeviceMode%5D=tablet&_=1683834612842
      2. The special encoding characters are triggering the firewall XSS rules.
      3. The blocks are occurring on the admin URL and the firewall will not allow the phrase ‘admin’ in the allowlist/whitelist
        as it will defeat the purpose of a firewall.

      If I upgrade to one of your premium versions of the plugin, will it resolve this issue? Are you able to change anything to prevent the AJAX search from being blocked by the firewall XSS rules? If it wasn’t running from the admin-ajax.php I would be able to whitelist it.

    • #16322
      Marcus
      Participant
      • Topics: 1
      • Replies: 1

      Apologies – Please delete as this question is for a different search plugin – I mixed them up prior to submitting.

    • #16339
      Ivory Search
      Keymaster
      • Topics: 0
      • Replies: 1,748

      Not an issue at all.

      You are always welcome here 🙂

Viewing 2 reply threads

You must be logged in to create new topic or reply to the topic.