- Issue created by @Ahmed.Raza
- Status changed to Closed: cannot reproduce
8 months ago 12:32pm 18 October 2023 - πΈπͺSweden TwoD Sweden
I think someone may be pulling a prank on you. Response code 418 is "i'm a teapot". Wysiwyg only responds 200 or 403 from the
wysiwyg_filter_xss_page_callback()controller function.
You may need to look into what else could be intercepting the request on that path. - π΅π°Pakistan Ahmed.Raza
Hey @TwoD! Hope you are doing good. It was a server side problem on Dreamhosts. I checked the server error logs and found this;
[Wed Oct 11 05:25:36.454083 2023] [:error] [pid 287740:tid 140662376478272] [client 154.80.43.146:64041] [client 154.80.43.146] ModSecurity: Access denied with code 418 (phase 2). Operator GE matched 7 at TX:anomaly_score. [file "/etc/modsecurity/mod_sec3_CRS/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.cphrab.ca"] [uri "/wysiwyg/xss"] [unique_id "ZSaUQLBuxxFE87EjI3Z1JACc0iE"], referer:I contacted Dreamhosts to get it resolved, weird how they decided to throw 418 for this...
Anyways we're all good this can be closed. Thanks