HMWP IDS – Exclude potential attack

[knightz]

Hello –

I’m getting the following when enabled HMWP IDS and want to exclude/put as an exception. How would I do that?

—message
The following potential attack has been detected by HMWP IDS.
If it’s you please Exclude that parameter or increase Notify Threshold from IDS settings.
In most cases you don’t need to do anything. Hide My WP protects you!

IP: xxx.xxx.xxx.xxx
User ID:
Date: 2020-05-02
Total Impact: 66
Affected tags: sqli id lfi xss csrf rfe

Affected parameters: REQUEST.custom=%7B%26quot%3Border_id%26quot%3B%3A4171%2C%26quot%3Border_key%26quot%3B%3A%26quot%3Bwc_order_m3YxSR4lSKVgs%26quot%3B%2C%26quot%3Burl%26quot%3B%3A%26quot%3Bhttps%3A%5C%2F%5C%2Fmydomain.com%26quot%3B%7D, POST.custom=%7B%26quot%3Border_id%26quot%3B%3A4171%2C%26quot%3Border_key%26quot%3B%3A%26quot%3Bwc_order_m3YxSR4lSKVgs%26quot%3B%2C%26quot%3Burl%26quot%3B%3A%26quot%3Bhttps%3A%5C%2F%5C%2Fmydomain.com%26quot%3B%7D,

Request URI: /wc-api/yith_paypal_ec/
Origin: xxx.xxx.xxx.xxx

and 2. How do I remove this from my source codes: \/\/

Thanks

[Suman M.]

Hi, HMWP IDS detects malicious requests coming to your site and notify you about it. But all these requests might not be harmful and you need not worry as HMWP IDS will take care of this and will block the malicious requests if Impact level is more than 20 (default value specified in HMWP IDS). You can stop receiving emails regarding this by setting “Notification Threshold” option to 0 in IDS Firewall tab.

Note: If in case, valid request is also listed as intrusion then hover over that request name and click on Exclude link to add it to exception list.

[Author]

Posts