Hi bricks team,
I sent this report to the support email yesterday, but since it’s an emergency, I decided to share it on the forum to see if there are any similar cases.
The problem is that the server blocks foreign IPs under certain circumstances due to security issues. Since some colleagues from abroad access the site to produce content on the website, their IPs are constantly blocked. I shared this with the hosting and they sent the blocks log and it seems to be something related to bricks.
Message: Access denied with code 403 (phase 2). Match of "streq IR" against "GEO:COUNTRY_CODE" required. [file "/usr/local/waf_rules/20_apps_wp_plugin.conf"] [line "3149"] [id "8990260"] [rev "1"] [msg "Bricks <= 1.9.6 - Unauthenticated Remote Code Execution"]
Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client (user ip)] ModSecurity: Access denied with code 403 (phase 2). Match of "streq IR" against "GEO:COUNTRY_CODE" required. [file "/usr/local/waf_rules/20_apps_wp_plugin.conf"] [line "3149"] [id "8990260"] [rev "1"] [msg "Bricks <= 1.9.6 - Unauthenticated Remote Code Execution"] [hostname "domain.com"] [uri "/wp-json/bricks/v1/load_query_page"] [unique_id "id code"]
Thank you in advance for any guidance.