Unable to post in a bbPress forum installed in my wordpress site

I installed bbpress plugin. I am able to access it and set up a forum successfully. https://www.adbhut.in/forums/forum/announcements/

However, when I try to post a topic, I get an ‘Internal server error’.

The error.log has the following messages:

[Sat Jul 16 06:32:41.569217 2022] [:error] [pid 280129:tid 129625830180608] [client 122.171.140.244:50348] [client 122.171.140.244] ModSecurity: Warning. Pattern match “(?:get|post|head|options|connect|put|delete|trace|track|patch|propfind|propatch|mkcol|copy|move|lock|unlock)\\s+(?:\\/|\\w)[^\\s]*(?:\\s+http\\/\\d|[\\r\\n])” at ARGS:bbp_topic_content. [file “/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf”] [line “52”] [id “921110”] [msg “HTTP Request Smuggling Attack”] [data “Matched Data: post haste.\x0d found within ARGS:bbp_topic_content: forum rules\x0d\x0a\x0d\x0athese are the basic guidelines of the forum and are designed to create a safe and enjoyable space for the discussion of writing. the rules may be changed or added to when the need arises so you should check them regularly. any delay in enforcement of the rules does not mean they cannot be enforced at a later date.\x0d\x0a\x0d\x0ageneral forum and forum posting rules\x0d\x0a\x0d\x0aall posts must be free of illeg…”] [severity “CRITICAL”] [ver “OWASP_CRS/3.3.2”] [tag “application-multi”] [tag “language-multi”] [tag “platform-multi”] [tag “attack-protocol”] [tag [hostname “www.adbhut.in”] [uri “/forums/forum/announcements/”] [unique_id “YtK9@WB7tAEWUTPa13HpIwAAAAE”], referer: …

[Sat Jul 16 06:32:41.570472 2022] [:error] [pid 280129:tid 129625830180608] [client 122.171.140.244:50348] [client 122.171.140.244] ModSecurity: Warning. Pattern match “(?:get|post|head|options|connect|put|delete|trace|track|patch|propfind|propatch|mkcol|copy|move|lock|unlock)\\s+(?:\\/|\\w)[^\\s]*(?:\\s+http\\/\\d|[\\r\\n])” at REQUEST_BODY. [file “/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-921-PROTOCOL-ATTACK.conf”] [line “52”] [id “921110”] [msg “HTTP Request Smuggling Attack”] [data “Matched Data: post haste.\x0d found within REQUEST_BODY: bbp_topic_title=forum rules&bbp_topic_content=forum rules\x0d\x0a\x0d\x0athese are the basic guidelines of the forum and are designed to create a safe and enjoyable space for the discussion of writing. the rules may be changed or added to when the need arises so you should check them regularly. any delay in enforcement of the rules does not mean they cannot be enforced at a later date.\x0d\x0a\x0d\x0ageneral forum and forum posting rules\x0d\x0a\x0…”] [severity “CRITICAL”] [ver “OWASP_CRS/3.3.2”] [tag “application-multi”] [tag “language-multi”] [tag “platform-multi”] [tag “attack-protocol”] [tag "paranoia- [hostname “www.adbhut.in”] [uri “/forums/forum/announcements/”] [unique_id “YtK9@WB7tAEWUTPa13HpIwAAAAE”], referer: …

[Sat Jul 16 06:32:41.582446 2022] [:error] [pid 280129:tid 129625830180608] [client 122.171.140.244:50348] [client 122.171.140.244] ModSecurity: Rule 75e50a001738 [id “932115”][file “/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-932-APPLICATION-ATTACK-RCE.conf”][line “294”] - Execution error - PCRE limits exceeded (-8): (null). [hostname “www.adbhut.in”] [uri “/forums/forum/announcements/”] [unique_id “YtK9@WB7tAEWUTPa13HpIwAAAAE”], referer: …

[Sat Jul 16 06:32:41.584092 2022] [:error] [pid 280129:tid 129625830180608] [client 122.171.140.244:50348] [client 122.171.140.244] ModSecurity: Rule 75e50a4654e0 [id “932140”][file “/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-932-APPLICATION-ATTACK-RCE.conf”][line “412”] - Execution error - PCRE limits exceeded (-8): (null). [hostname “www.adbhut.in”] [uri “/forums/forum/announcements/”] [unique_id “YtK9@WB7tAEWUTPa13HpIwAAAAE”], referer: …

[Sat Jul 16 06:32:41.602413 2022] [:error] [pid 280129:tid 129625830180608] [client 122.171.140.244:50348] [client 122.171.140.244] ModSecurity: Rule 75e50a6ef778 [id “942240”][file “/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-942-APPLICATION-ATTACK-SQLI.conf”][line “254”] - Execution error - PCRE limits exceeded (-8): (null). [hostname “www.adbhut.in”] [uri “/forums/forum/announcements/”] [unique_id “YtK9@WB7tAEWUTPa13HpIwAAAAE”], referer: …

[Sat Jul 16 06:32:41.616927 2022] [:error] [pid 280129:tid 129625830180608] [client 122.171.140.244:50348] [client 122.171.140.244] ModSecurity: Access denied with code 418 (phase 2). Operator GE matched 7 at TX:anomaly_score. [file “/dh/apache2/template/etc/mod_sec3_CRS/REQUEST-949-BLOCKING-EVALUATION.conf”] [line “93”] [id “949110”] [msg “Inbound Anomaly Score Exceeded (Total Score: 10)”] [severity “CRITICAL”] [ver “OWASP_CRS/3.3.2”] [tag “application-multi”] [tag “language-multi”] [tag “platform-multi”] [tag “attack-generic”] [hostname “www.adbhut.in”] [uri “/forums/forum/announcements/”] [unique_id “YtK9@WB7tAEWUTPa13HpIwAAAAE”], referer: …

1 Like

The ModSecurity warning/error are due to “Extra Web Security” being turned on for the site in the DH Panel. You might try turning it off and then see if you are able to post.

[ added to answer last post ]
The controls for toggling “Extra Web Security” can be found in the “Manage Domains” section and click “Edit” in the Web Hosting column:

https://panel.dreamhost.com/index.cgi?tree=domain.manage

It was but not in panel (or I did not know where). Reaching out to Support Agent helped.

This topic was automatically closed 60 minutes after the last reply. New replies are no longer allowed.