vBulletin – broken links, https links, security warnings

[Hilary Barrett]

Yesterday I finished setting up Bulletproof Security and also Wordfence.

Yesterday evening I found out that my site’s Vbulletin forum has a very weird new error. When someone quotes another post, Vbulletin automatically links back to the original post. It’s started making these links back begin with ‘https’. The site isn’t on a secure certificate, never has been. Broken links and ominous-looking security warnings everywhere.

Wordpress is installed in mydomain.com/blog; Vbulletin is installed in mydomain.com/forums. So I can’t see how a WordPress plugin can change anything in Vbulletin. (Also, I tried deactivating both BPS and Wordfence and it didn’t help.) However… I hadn’t touched Vbulletin at all, so I have to wonder.

Could BPS or Wordfence have done this?

Thanks for any help!

[AITpro Admin]

BPS has built-in troubleshooting capability and tools. So you do not want to deactivate the BPS plugin for troubleshooting and instead want to use the BPS Troubleshooting steps:  http://forum.ait-pro.com/forums/topic/read-me-first-free/#bps-free-general-troubleshooting

The BPS Security Log is a Primary Troubleshooting Tool:  Your BPS Security Log logs blocked hackers, spammers, etc. & also logs anything else that BPS may be blocking in another Plugin or Theme. To confirm or eliminate that BPS is blocking something legitimate in another Plugin or Theme, check your BPS Security Log for any log entries with that Plugin or Theme name. If you have confirmed that BPS is blocking something in another Plugin or Theme, search the forum using that Plugin or Theme name for a solution.  If no search results are returned for that Plugin or Theme name then create a new Forum Topic and post the Security Log entry from your BPS Security Log that shows exactly what is being blocked in that Plugin or Theme. A whitelist (exclude) rule can then be created to allow whatever is being blocked by BPS.  The BPS Security Log logs all 403 errors whether or not BPS is related to or causing the 403 error.  Example:  Something installed on your server is causing a 403 error.  That 403 error will be logged in the BPS Security Log.

htaccess files are server configuration files that are hiearchical/recursive. So yes, BPS htaccess files could affect 3rd party applications or other folders outside of WordPress. See this forum topic for full details: http://forum.ait-pro.com/forums/topic/htaccess-files-for-multiple-website-domains/ Before assuming BPS htaccess files are causing the vBulletin problems you would do the BPS Troubleshooting steps to first confirm or eliminate that BPS is causing the problems.

Regarding Wordfence problems you would need to contact Worfence about any Wordfence problems.

[Hilary Barrett]

That’s what I thought, thanks: it’s hierarchical, so it can affect a child directory of the WordPress installation, but not a sibling. It looks as though the problem was unrelated to BPS, and having it show up at the same time BPS was installed was a misleading coincidence.

WordPress is installed in mydomain.com/blog; Vbulletin is installed in mydomain.com/forums

[Author]

Posts