Home › Forums › Support › Updating failed. Error message: The response is not a valid JSON response.
- This topic has 5 replies, 3 voices, and was last updated 4 years, 1 month ago by Leo.
-
AuthorPosts
-
March 3, 2020 at 8:58 am #1183762Lorne
To debug, I did a fresh WP install on WPXHosting, activated GPP and then imported Catalyst from the site library.
Without making any changes, I pressed the Update button for the Home, Style Guide and Contact pages. ALL these pages give me the error: “Updating failed. Error message: The response is not a valid JSON response.”
The Sample Page and Blog page update without any issue.
One thing I noticed is that all the pages that fail have sections and all the pages that update without any issues do not have sections.
My errorlog shows the following:
[Tue Mar 03 10:25:50.626441 2020] [:error] [pid 106554:tid 139678691022592] [client 198.164.187.209:0] [client 198.164.187.209] ModSecurity: Access denied with code 403 (phase 2). detected XSS using libinjection. [file “/opt/apache24/httpd/modsecurity.d/activated_rules/slr_rules.conf”] [line “2981”] [id “2500108”] [msg “SLR: WordPress Plugin GDPR Cookie Consent < 1.8.3 – Stored XSS”] [severity “CRITICAL”] [tag “platform-multi”] [tag “attack-xss”] [tag “language-php”] [tag “application-WordPress”] [tag “https://wpvulndb.com/vulnerabilities/10069”%5D [hostname “mysitename.com”] [uri “/wp-json/wp/v2/pages/1356”] [unique_id “Xl6FDt8YJYXkk9PvjcweSAAAA9s”], referer: http://mysitename.com/wp-admin/post.php?post=1356&action=edit
[Tue Mar 03 10:27:45.231338 2020] [:error] [pid 106554:tid 139677868537600] [client 198.164.187.209:0] [client 198.164.187.209] ModSecurity: Access denied with code 403 (phase 2). detected XSS using libinjection. [file “/opt/apache24/httpd/modsecurity.d/activated_rules/slr_rules.conf”] [line “2981”] [id “2500108”] [msg “SLR: WordPress Plugin GDPR Cookie Consent < 1.8.3 – Stored XSS”] [severity “CRITICAL”] [tag “platform-multi”] [tag “attack-xss”] [tag “language-php”] [tag “application-WordPress”] [tag “https://wpvulndb.com/vulnerabilities/10069”%5D [hostname “mysitename.com”] [uri “/wp-json/wp/v2/pages/1356”] [unique_id “Xl6Fgd8YJYXkk9PvjcwsBwAABD0”], referer: http://mysitename.com/wp-admin/post.php?post=1356&action=edit
[Tue Mar 03 10:29:21.564298 2020] [:error] [pid 106554:tid 139682140423936] [client 198.164.187.209:0] [client 198.164.187.209] ModSecurity: Access denied with code 403 (phase 2). detected XSS using libinjection. [file “/opt/apache24/httpd/modsecurity.d/activated_rules/slr_rules.conf”] [line “2981”] [id “2500108”] [msg “SLR: WordPress Plugin GDPR Cookie Consent < 1.8.3 – Stored XSS”] [severity “CRITICAL”] [tag “platform-multi”] [tag “attack-xss”] [tag “language-php”] [tag “application-WordPress”] [tag “https://wpvulndb.com/vulnerabilities/10069”%5D [hostname “mysitename.com”] [uri “/wp-json/wp/v2/pages/1356”] [unique_id “Xl6F4d8YJYXkk9Pvjcw6zQAAAjw”], referer: http://mysitename.com/wp-admin/post.php?post=1356&action=edit
[Tue Mar 03 10:30:07.706404 2020] [:error] [pid 108599:tid 139679958320896] [client 198.164.187.209:0] [client 198.164.187.209] ModSecurity: Access denied with code 403 (phase 2). detected XSS using libinjection. [file “/opt/apache24/httpd/modsecurity.d/activated_rules/slr_rules.conf”] [line “2981”] [id “2500108”] [msg “SLR: WordPress Plugin GDPR Cookie Consent < 1.8.3 – Stored XSS”] [severity “CRITICAL”] [tag “platform-multi”] [tag “attack-xss”] [tag “language-php”] [tag “application-WordPress”] [tag “https://wpvulndb.com/vulnerabilities/10069”%5D [hostname “mysitename.com”] [uri “/wp-json/wp/v2/pages/1356”] [unique_id “Xl6GDxE3xAYLZ2DZfY04tQAAA0c”], referer: http://mysitename.com/wp-admin/post.php?post=1356&action=edit
[Tue Mar 03 10:30:52.825098 2020] [:error] [pid 108599:tid 139686815160064] [client 198.164.187.209:0] [client 198.164.187.209] ModSecurity: Access denied with code 403 (phase 2). detected XSS using libinjection. [file “/opt/apache24/httpd/modsecurity.d/activated_rules/slr_rules.conf”] [line “2981”] [id “2500108”] [msg “SLR: WordPress Plugin GDPR Cookie Consent < 1.8.3 – Stored XSS”] [severity “CRITICAL”] [tag “platform-multi”] [tag “attack-xss”] [tag “language-php”] [tag “application-WordPress”] [tag “https://wpvulndb.com/vulnerabilities/10069”%5D [hostname “mysitename.com”] [uri “/wp-json/wp/v2/pages/1356”] [unique_id “Xl6GPBE3xAYLZ2DZfY08jgAAAAs”], referer: http://mysitename.com/wp-admin/post.php?post=1356&action=edit
[Tue Mar 03 10:31:33.669117 2020] [:error] [pid 108599:tid 139679488329472] [client 198.164.187.209:0] [client 198.164.187.209] ModSecurity: Access denied with code 403 (phase 2). detected XSS using libinjection. [file “/opt/apache24/httpd/modsecurity.d/activated_rules/slr_rules.conf”] [line “2981”] [id “2500108”] [msg “SLR: WordPress Plugin GDPR Cookie Consent < 1.8.3 – Stored XSS”] [severity “CRITICAL”] [tag “platform-multi”] [tag “attack-xss”] [tag “language-php”] [tag “application-WordPress”] [tag “https://wpvulndb.com/vulnerabilities/10069”%5D [hostname “mysitename.com”] [uri “/wp-json/wp/v2/pages/1356”] [unique_id “Xl6GZRE3xAYLZ2DZfY1AIAAAA38”], referer: http://mysitename.com/wp-admin/post.php?post=1356&action=edit
[Tue Mar 03 10:32:41.886384 2020] [:error] [pid 108599:tid 139683231475456] [client 198.164.187.209:0] [client 198.164.187.209] ModSecurity: Access denied with code 403 (phase 2). detected XSS using libinjection. [file “/opt/apache24/httpd/modsecurity.d/activated_rules/slr_rules.conf”] [line “2981”] [id “2500108”] [msg “SLR: WordPress Plugin GDPR Cookie Consent < 1.8.3 – Stored XSS”] [severity “CRITICAL”] [tag “platform-multi”] [tag “attack-xss”] [tag “language-php”] [tag “application-WordPress”] [tag “https://wpvulndb.com/vulnerabilities/10069”%5D [hostname “mysitename.com”] [uri “/wp-json/wp/v2/pages/1356”] [unique_id “Xl6GqRE3xAYLZ2DZfY1GnAAAAb4”], referer: http://mysitename.com/wp-admin/post.php?post=1356&action=edit
[Tue Mar 03 10:33:16.450444 2020] [:error] [pid 108599:tid 139675182872320] [client 198.164.187.209:0] [client 198.164.187.209] ModSecurity: Access denied with code 403 (phase 2). detected XSS using libinjection. [file “/opt/apache24/httpd/modsecurity.d/activated_rules/slr_rules.conf”] [line “2981”] [id “2500108”] [msg “SLR: WordPress Plugin GDPR Cookie Consent < 1.8.3 – Stored XSS”] [severity “CRITICAL”] [tag “platform-multi”] [tag “attack-xss”] [tag “language-php”] [tag “application-WordPress”] [tag “https://wpvulndb.com/vulnerabilities/10069”%5D [hostname “mysitename.com”] [uri “/wp-json/wp/v2/pages/1356”] [unique_id “Xl6GzBE3xAYLZ2DZfY1LAAAABYM”], referer: http://mysitename.com/wp-admin/post.php?post=1356&action=edit
[Tue Mar 03 10:35:13.009797 2020] [:error] [pid 108599:tid 139682694342400] [client 198.164.187.209:0] [client 198.164.187.209] ModSecurity: Access denied with code 403 (phase 2). detected XSS using libinjection. [file “/opt/apache24/httpd/modsecurity.d/activated_rules/slr_rules.conf”] [line “2981”] [id “2500108”] [msg “SLR: WordPress Plugin GDPR Cookie Consent < 1.8.3 – Stored XSS”] [severity “CRITICAL”] [tag “platform-multi”] [tag “attack-xss”] [tag “language-php”] [tag “application-WordPress”] [tag “https://wpvulndb.com/vulnerabilities/10069”%5D [hostname “mysitename.com”] [uri “/wp-json/wp/v2/pages/1356”] [unique_id “Xl6HQRE3xAYLZ2DZfY1VwAAAAf8”], referer: http://mysitename.com/wp-admin/post.php?post=1356&action=edit
[Tue Mar 03 10:37:16.502696 2020] [:error] [pid 108599:tid 139675023410944] [client 198.164.187.209:0] [client 198.164.187.209] ModSecurity: Access denied with code 403 (phase 2). detected XSS using libinjection. [file “/opt/apache24/httpd/modsecurity.d/activated_rules/slr_rules.conf”] [line “2981”] [id “2500108”] [msg “SLR: WordPress Plugin GDPR Cookie Consent < 1.8.3 – Stored XSS”] [severity “CRITICAL”] [tag “platform-multi”] [tag “attack-xss”] [tag “language-php”] [tag “application-WordPress”] [tag “https://wpvulndb.com/vulnerabilities/10069”%5D [hostname “mysitename.com”] [uri “/wp-json/wp/v2/pages/15”] [unique_id “Xl6HvBE3xAYLZ2DZfY1iPQAABZY”], referer: http://mysitename.com/wp-admin/post.php?post=15&action=edit
[Tue Mar 03 10:39:31.097601 2020] [:error] [pid 108599:tid 139676659988224] [client 198.164.187.209:0] [client 198.164.187.209] ModSecurity: Access denied with code 403 (phase 2). detected XSS using libinjection. [file “/opt/apache24/httpd/modsecurity.d/activated_rules/slr_rules.conf”] [line “2981”] [id “2500108”] [msg “SLR: WordPress Plugin GDPR Cookie Consent < 1.8.3 – Stored XSS”] [severity “CRITICAL”] [tag “platform-multi”] [tag “attack-xss”] [tag “language-php”] [tag “application-WordPress”] [tag “https://wpvulndb.com/vulnerabilities/10069”%5D [hostname “mysitename.com”] [uri “/wp-json/wp/v2/pages/1356”] [unique_id “Xl6IQxE3xAYLZ2DZfY1xOgAABNI”], referer: http://mysitename.com/wp-admin/post.php?post=1356&action=edit
[Tue Mar 03 10:40:31.752322 2020] [:error] [pid 108599:tid 139679396009728] [client 198.164.187.209:0] [client 198.164.187.209] ModSecurity: Access denied with code 403 (phase 2). detected XSS using libinjection. [file “/opt/apache24/httpd/modsecurity.d/activated_rules/slr_rules.conf”] [line “2981”] [id “2500108”] [msg “SLR: WordPress Plugin GDPR Cookie Consent < 1.8.3 – Stored XSS”] [severity “CRITICAL”] [tag “platform-multi”] [tag “attack-xss”] [tag “language-php”] [tag “application-WordPress”] [tag “https://wpvulndb.com/vulnerabilities/10069”%5D [hostname “mysitename.com”] [uri “/wp-json/wp/v2/pages/1356/autosaves”] [unique_id “Xl6IfxE3xAYLZ2DZfY13fAAAA4o”], referer: http://mysitename.com/wp-admin/post.php?post=1356&action=editMarch 3, 2020 at 10:47 am #1183872DavidStaffCustomer SupportHi there,
all those errors are related to the GDPR Cookie Consent plugin.
Can you try disabling that plugin to see if thats the problem.March 3, 2020 at 11:15 am #1183896LorneNot sure what you’re asking me to do.
I only have 8 plugins, 7 inactive, 1 active (GPP 1.9.1)
None say anything about about GDPR
The inactive plugins are:
Askimet Version 4.1.3
Black Studio Tiny MCE Widget Version 2.6.9
GenerateBlocks Version 1.0-alpha.2
Lightweight Grid Columns Version 1.0
Lightweight Social Icons Version 1.0.1
Menu Icons Version 0.12.2
W3 Total Cache Version Version 0.13.1March 3, 2020 at 11:37 am #1183919LeoStaffCustomer SupportThat is very strange. The errors are definitely pointing something towards GDPR.
Can you switch to a twenty series theme temporarily and see if the same issue exists?
Let us know 🙂
March 3, 2020 at 11:38 am #1183921LorneI contacted WPX Hosting to see if maybe the problem was at their end and it turns out their firewall was blocking the updates due to a tag reference somewhere in those pages labeled “attack-xss”. So they were interpreted as some sort of security attack on my site.
Once they whitelisted my update calls, everything worked.
March 3, 2020 at 11:48 am #1183934LeoStaffCustomer SupportGlad to hear!
-
AuthorPosts
- You must be logged in to reply to this topic.