XF 2.2 Oops on notification click


Well-known member
I've been getting some errors where you get an "Oops" when you click the notification bell. This thread talks about the issue. Ignore the elasticsearch issue, which has been resolved.

Someone at the end of that thread also said they got in on editing a link.

I don't know where to begin in resolving this issue. How do I start?

Edit: I just got the error myself.


Edit2: Just found this in console:


Does that help?
Last edited:


Well-known member
My host has said this:

According to the Apache error_log, ModSecurity was being triggered by your IP , and others, believing there were attempts at SQL injections when accessing notifications on the site. This resulted in 403 statuses relating to the core-content.js in the browser console.
Would you like us to disable rule 211700 in ModSecurity Tools to test if the rule affected how the notification bell worked?

They then listed what looks like log information. A bit of it is pasted below to give an idea:

Tue Feb 16 10:53:20 2021] [error] [client] ModSecurity: Access denied with code 403, [Rule: 'MATCHED_VAR' '@rx (?i:[ ()]case ?\(|\) ?like ?\(|\bhaving ?[^\s]+ ?[^\w ]|\bif ?\([\d\w] ?[=<>~])'] [id "211700"] [rev"7"] [msg "COMODO WAF: Detects conditional SQL injection attempts"] [logdata "Matched Data: having-a-server-error.316239/ found within /forums/threads/search-seems-to-be-having-a-server-error.316239/: /forums/threads/search-seems-to-be-having-a-server-error.316239/"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"]

Would you have them disable that rule, or perhaps is my site under threat? Why would clicking a notification button trigger a security alert?