Home › Forums › BulletProof Security Free › Tribulant Shopping Cart – 403 error
Tagged: 403 error, Shopping Cart, tribulant
- This topic has 4 replies, 2 voices, and was last updated 9 years ago by
AITpro Admin.
-
AuthorPosts
-
Todd
ParticipantHi AIT PRO,
I’ve been using your free BPS plugin on many sites for years. I haven’t had a site hacked since using it, so I am a big fan and using it on all client sites as well as my own. Today, I was alerted to an issue on a client site that has a shop plugin – The Shopping Cart Plugin from Tribulant . We started receiving a 403 page when someone tries to put an item in the cart. The item actually gets put into the cart, but to the customer, they receive the 403 page and think they cannot purchase the item. I searched the forums but didn’t find anything about the plugin except this, which doesn’t apply to my issue (I tried it anyway)
http://forum.ait-pro.com/forums/topic/tribulant-shopping-cart-unable-to-save-options-403-error/
So, I followed the troubleshooting instructions to add the URI to the custom code as [S=13] to the following section:
CUSTOM CODE PLUGIN/THEME SKIP/BYPASS RULES: Add personal plugin/theme skip/bypass rules here
However, I must be doing something wrong because I am still getting the 403 message. It is happening on the production site as well as the development/testing site. I am doing these tests on the development site: http://www1.smseafoodmarket.com
Here’s the log entry: I have a bunch of them and they are all the same.
[403 GET / HEAD Request: April 9, 2015 - 3:54 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 8.25.32.186 Host Name: 8.25.32.186 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http://xxxxxxx/product/gift-cards-2/ REQUEST_URI: /shop/shopping-cart?wpcoupdated=true&wpcomessage=Product%20added.%20%3Ca%20href=%22http://www1.smseafoodmarket.com/shop/shopping-cart/%22%3EView%20Cart%20→%3C/a%3E QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.82 Safari/537.36
If you need a login id and password, I can PM you one. I’d really like to get this fixed ASAPas it is preventing sales on this site. I don’t want to remove the plugin because I just reviewed all of the other top security plugins but they all seem to have major issues. And, not having anything is just not an option.
Can you give me the plugin Skip/Bypass rule for this?
Thanks, Todd
AITpro Admin
KeymasterCreate a skip/bypass RewriteRule for the tribulant /shop folder. See the instructions in the link below.
# WP REWRITE LOOP START RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] # RewriteRule for the tribulant /shop folder RewriteRule ^shop/ - [L]
ParticipantI applied the rule as indicated, now some of the buttons in the shop don’t work. For example, going from page 1 to page 2 of the shop can’t be done, so no one will be able to order the gift card. And other buttons (such as removing an item from the cart, sorting) don’t work either. See for yourself:
http://www1.smseafoodmarket.com/shopCan you look again?
Thanks.
KeymasterI see 9 items on a page that lists up to 10 items. ie Displaying 1 – 9 of 10. Is page 2 a custom item? To get everything working correctly, deactivate root and wp-admin BulletProof Modes. Since tribulant is a premium plugin I cannot test it. We have a strict policy about not being allowed to login to other folks sites with the BPS free plugin installed so I would not be allowed to do that.
KeymasterI got the ok to test the tribulant plugin if you send it to us. After testing the tribulant plugin will be deleted from our testing site and also any copies that you sent to us. If you want to do this then send a tribulant zip file to: info at ait-pro dot com. Thanks.
-
AuthorPosts
- You must be logged in to reply to this topic.