Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
  • #42595
    dulaj randika

    My website firewall blocked my IP. Most of the time I unblock that in service provider website. But still same error happening. Please help me.

    COMODO WAF: Vulnerability in PHP before 5.3.12 and 5.4.x before 5.4.2 (CVE-2012-1823) – https://www.cvedetails.com/cve/CVE-2012-1823/
    2021-09-07 15:16:15 thefuturestrust[.]com CRITICAL 404
    GET /wp-content/themes/icos/assets/fonts/themify.woff?-fvbane
    Action Description:
    Access denied with code 403 (phase 1).
    Matched phrase “-C” at MATCHED_VAR

    My public IP

    Jesse Owens

    Hello Julaj-

    Thanks for reaching out, I’m sorry to hear about the trouble with the Comodo WAF.

    A WAF is a “web-application firewall,” and it’s meant to protect your website from potentially malicious actors.

    This specific error has two possible ways you might be able to fix it.

    First, I’d strongly recommend updating your WordPress hosting to a version of PHP 7.3 or higher.

    If this error is correct, it looks like you may be using a PHP version lower than 5.4.2. PHP 5.4.X stopped receiving updates in late 2015, over 6 years ago.

    Your hosting provider should be able to assist you with the upgrade, or you can consider switching to one of our WordPress Hosting partners, who all offer up-to-date versions of PHP.

    The other possible way to fix this is through your theme, “icos.” I wasn’t able to locate the developers of this theme on WordPress.org or through a google search, but the root cause of this error is that something in your theme is calling the themify.woff font using a non-standard query string without an “=” equals sign. Instead, it’s using themify.woff?-fvbane, which looks like it might just be a simple typo using the “-” minus sign instead of the “=” equal sign.

Viewing 2 posts - 1 through 2 (of 2 total)
  • The topic ‘COMODO WAF Vulnerability In PHP (CVE-2012-1823)’ is closed to new replies.