400 It has been detected a sequence that could mean a hacker attack. Your request can not be processed.

Discussion regarding Joomla! 3.x security issues.

Moderators: mandville, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
Locked
talktoblond
Joomla! Fledgling
Joomla! Fledgling
Posts: 3
Joined: Fri Oct 19, 2018 4:55 am

400 It has been detected a sequence that could mean a hacker attack. Your request can not be processed.

Post by talktoblond » Fri Oct 19, 2018 5:01 am

Hi, professionals!
strongly need your help!
Without any activities from our side yesterday the administrative part of the web-site, when entering the Builder started to show the message 400 It has been detected a sequence that could mean a hacker attack. Your request can not be processed.
The Builder is not working, so we cannot make any changes.
Have anyone already faced the same problem?
Thanks in advance!
Last edited by toivo on Fri Oct 19, 2018 8:13 am, edited 1 time in total.
Reason: mod note: moved to 3.x Security

SharkyKZ
Joomla! Hero
Joomla! Hero
Posts: 2132
Joined: Fri Jul 05, 2013 10:35 am
Location: Parts Unknown

Re: 400 It has been detected a sequence that could mean a hacker attack. Your request can not be processed.

Post by SharkyKZ » Fri Oct 19, 2018 5:21 am

This is coming from Securitycheck. Maybe false positive.

User avatar
toivo
Joomla! Master
Joomla! Master
Posts: 14624
Joined: Thu Feb 15, 2007 5:48 am
Location: Sydney, Australia

Re: 400 It has been detected a sequence that could mean a hacker attack. Your request can not be processed.

Post by toivo » Fri Oct 19, 2018 5:39 am

wrote:the administrative part of the web-site, when entering the Builder
Which extension is "the Builder"?
Toivo Talikka, Global Moderator

talktoblond
Joomla! Fledgling
Joomla! Fledgling
Posts: 3
Joined: Fri Oct 19, 2018 4:55 am

Re: 400 It has been detected a sequence that could mean a hacker attack. Your request can not be processed.

Post by talktoblond » Fri Oct 19, 2018 8:59 am

SharkyKZ wrote:
Fri Oct 19, 2018 5:21 am
This is coming from Securitycheck. Maybe false positive.
can you tell me where can I fix this?

talktoblond
Joomla! Fledgling
Joomla! Fledgling
Posts: 3
Joined: Fri Oct 19, 2018 4:55 am

Re: 400 It has been detected a sequence that could mean a hacker attack. Your request can not be processed.

Post by talktoblond » Fri Oct 19, 2018 9:00 am

toivo wrote:
Fri Oct 19, 2018 5:39 am
wrote:the administrative part of the web-site, when entering the Builder
Which extension is "the Builder"?
It's Youtheme Pro https://yootheme.com/pro - the part of administrative panel where the web site pages can be created via visual editor

User avatar
JAVesey
Joomla! Hero
Joomla! Hero
Posts: 2412
Joined: Tue May 14, 2013 1:21 pm
Location: Cardiff, Wales, UK
Contact:

Re: 400 It has been detected a sequence that could mean a hacker attack. Your request can not be processed.

Post by JAVesey » Sat Oct 20, 2018 2:30 pm

If you are certain that this is a false positive:

Go to the SecurityCheck component and in the box called "Configuration" click on "Web Firewall Configuration" and then on the "Exceptions" tab.

You can then exclude the component that's causing the false positives from that particular check.

You should also discuss this with the component's developer as excluding a component from being checked isn't the ideal solution in many cases.
John V
Cardiff, Wales, UK
Joomla 3.10.9 "live" and local (testing and backup) sites
Joomla 4.1.3 local site (testing!)
All on PHP8.0.18


Locked

Return to “Security in Joomla! 3.x”