On Tuesday, Feb. 25, WiscWeb experienced a botnet attack that brought down the service from 8 a.m. until 9:10 a.m. In an attempt to help prevent future botnet attacks, we will be making an important update to our Modsecurity settings. This change is planned to roll out on Monday, March 2, and has the potential to affect some or all WiscWeb sites. Please note that there is a small chance that it will have to be rolled out sooner if we undergo another botnet attack before Monday. In that case, we will email again to let you know.
It is important to note that the changes we are making could mean that WiscWeb editors/administrators, as well as users of your sites, may randomly encounter 403: Permission Required and/or 403: Forbidden error messages on pages and actions that normally would have worked.
We request that you report any and all errors to our team (via our customer support form) as each is an indicator of a Modsecurity update that we need to set. Once we’ve added these instances to the settings, your error will be cleared. We hope to work through these updates as quickly and efficiently as possible.
Examples of actions that could result in errors once we’ve updated the Modsecurity settings next week:
- Form submissions
- General editing in the dashboard (including page/post creation, updates to plugins, menu and Customizer changes, etc.)
- File uploads (to the Media Library or to a form)
We apologize for this inconvenience, but we must make this change to our service to improve performance overall. If you have questions about this change, please do not hesitate to reach out to us via our customer support form.
As always, thank you for your continued partnership and support as we work through new changes to our service.