Unable to save custom code – 403 error
Tagged: 403 error, Custom Code
Jason (Participant)
Hi,
So I’ve got an issue where my client is using MailChimp for newsletters and the links don’t resolve to the correct URL and instead end up at the Apache 2 Test Page. This in itself is a mystery, and why it doesn’t show a 403, but anyway, after some research I believe it’s due to the issue outlined in this BPS forum post: http://forum.ait-pro.com/forums/topic/mailchimp-tracking-code-causing-403/#post-13778 and rounded brackets.
http://mysite.com/?ct=t(Name_Of_Newsletter_Aut7_7_2016)&mc_cid=e7f7f73ecc&mc_eid=[UNIQID]
I’ve since copied the custom code from that post but whenever I “Click the Save Root Custom Code button” I get a 403 Forbidden Alert and my IP gets blocked by the server.
I can see the following security log is triggered and I think I need to implement a Skip / Bypass rule but I’m not sure if it should be on the core.php or admin.php? Also not too sure how to implement this without triggering the same issue?
[403 POST Request: July 8, 2016 - 10:55]
Event Code: WPADMIN-SBR
Solution: http://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: ##.###.###.###
Host Name: -----.----.---
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: http://mysite.com/wp-admin/admin.php?page=bulletproof-security%2Fadmin%2Fcore%2Fcore.php
REQUEST_URI: /wp-admin/admin.php?page=bulletproof-security/admin/core/core.php
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:47.0) Gecko/20100101 Firefox/47.0
REQUEST BODY: _wpnonce=528da6bf7d&_wp_http_referer=%2Fwp-admin%2Fadmin.php%3Fpage%3Dbulletproof-security%2Fadmin%2Fcore%2Fcore.php&bps_customcode_one=&bps_customcode_server_signature=&bps_customcode_directory_index=&bps_customcode_server_protocol=&bps_customcode_error_logging=&bps_customcode_deny_dot_folders=&bps_customcode_admin_includes=&bps_customcode_wp_rewrite_start=&bps_customcode_request_methods=&bps_customcode_two=&bps_customcode_timthumb_misc=&bps_customcode_bpsqse=%23+BEGIN+BPSQSE+BPS+QUERY+STRING+E
Hope you can shed some light on this.
Many thanks
Jason

AITpro Admin (Keymaster)
This could be caused by the BPS Pro Plugin Firewall having invalid code in the PFW htaccess file. Go to the Plugin Firewall and click the Deactivate button and try to save your custom code again. More likely this problem is caused by another plugin you have installed or maybe something like mod_security is installed on the host server. Go to the BPS System Info page and click the Get Plugins List button and copy and paste all of your installed plugins in your forum reply.

Jason (Participant)
Hi
Thanks very much for the reply and sorry I should have said I’m using BPS free on this site.
Here’s the plugin list:
BulletProof Security .53.9 – Activated: bulletproof-security/bulletproof-security.php
Contact Form 7 4.4.2 – Activated: contact-form-7/wp-contact-form-7.php
Contact Form 7 widget 1.0 – Activated: contact-form-7-widget/contact-form-7-widget.php
Cookie Law Info 1.5.3 – Activated: cookie-law-info/cookie-law-info.php
Custom Facebook Feed Pro Developer 2.6.7 – Activated: custom-facebook-feed-pro/custom-facebook-feed.php
eStore bulk discount 1.2 – Activated: estore-bulk-discount/estore-bulk-discount-addon.php
File Un-Attach 1.1.3 – Activated: file-un-attach/file-unattach.php
Google XML Sitemaps 4.0.8 – Activated: google-sitemap-generator/sitemap.php
MailChimp for WordPress 3.1.11 – Activated: mailchimp-for-wp/mailchimp-for-wp.php
Really Simple CAPTCHA 1.9 – Activated: really-simple-captcha/really-simple-captcha.php
WP-PageNavi 2.91 – Activated: wp-pagenavi/wp-pagenavi.php
WP eStore 7.3.8 – Activated: wp-cart-for-digital-products/wp_cart_for_digital_products.php
As a further bit of information, I was locked out and IP blocked at the server level as I triggered a ModSecurity. My hosting provider noted this at the same time as the above issue:
[Fri Jul 08 10:55:26 2016] [error] [client ##.###.###.###] ModSecurity: [file "/etc/httpd/modsecurity.d/10_asl_rules.conf"] [line "121"] [id "390614"] [rev "23"] [msg "Atomicorp.com WAF Rules: Invalid character in ARGS"] [severity "CRITICAL"] Access denied with code 403 (phase 2). Match of "rx recaptcha_response_field" against "TX:invalidarg2" required. [hostname "mysite.com"] [uri "/wp-admin/admin.php"] [unique_id "V394ji63C2sAAELVrgMAAABm"]
It appears yet note captcha but I don’t run recaptcha within the admin.
Thanks
Jason

AITpro Admin (Keymaster)
Oops yeah my bad on the Plugin Firewall deactivation thing. Ok so it does look like what is blocking the Custom Code save is a ModSecurity SecRule or SecFilter. This same exact issue/problem has occurred on several occasions here and there over the years with mod_security and saving code in BPS Custom Code. That mod_security error you posted may or may not be related to the Custom Code issue/problem. You are correct that the captcha should not be doing anything in your wp-admin backend, but since a captcha controls access to the wp-admin backend via the login page (either by using the /wp-login.php or the /wp-admin URI) then the error may be misleading. If your host allows turning off mod_security using htaccess code then see this forum topic for how to turn off mod_security for testing: http://forum.ait-pro.com/forums/topic/how-to-turn-off-mod-security-mod_security-secfilterengine-off/
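
Added example (not part of the thread, and not BPS or ModSecurity code): a Python check that lines up the two log excerpts posted above, to test whether the ModSecurity block and the BPS 403 entry describe the same request and to show which POST fields actually carried data. The function names are hypothetical, `BPS_BODY` is abridged to a few of the posted fields, and both logs are assumed to use the same timezone.

```python
import re
from datetime import datetime
from urllib.parse import parse_qsl

# Excerpts copied from the posts above (the REQUEST BODY is truncated there too).
MODSEC_LINE = ('[Fri Jul 08 10:55:26 2016] [error] [client ##.###.###.###] ModSecurity: '
    '[file "/etc/httpd/modsecurity.d/10_asl_rules.conf"] [line "121"] [id "390614"] '
    '[rev "23"] [msg "Atomicorp.com WAF Rules: Invalid character in ARGS"] '
    '[severity "CRITICAL"] Access denied with code 403 (phase 2). '
    'Match of "rx recaptcha_response_field" against "TX:invalidarg2" required. '
    '[hostname "mysite.com"] [uri "/wp-admin/admin.php"] '
    '[unique_id "V394ji63C2sAAELVrgMAAABm"]')
BPS_HEADER = "[403 POST Request: July 8, 2016 - 10:55]"
BPS_REQUEST_URI = "/wp-admin/admin.php?page=bulletproof-security/admin/core/core.php"
BPS_BODY = ("_wpnonce=528da6bf7d&bps_customcode_one=&bps_customcode_two="
            "&bps_customcode_bpsqse=%23+BEGIN+BPSQSE+BPS+QUERY+STRING+E")  # abridged

def parse_modsec(line):
    """Return the [key "value"] pairs and timestamp of one ModSecurity error-log line."""
    fields = dict(re.findall(r'\[(\w+) "([^"]*)"\]', line))
    stamp = re.match(r'\[(\w{3} \w{3} \d{2} [\d:]{8} \d{4})\]', line).group(1)
    fields["time"] = datetime.strptime(stamp, "%a %b %d %H:%M:%S %Y")
    return fields

def parse_bps_time(header):
    """Parse the minute-resolution timestamp in a BPS Security Log entry header."""
    stamp = re.search(r': (\w+ \d{1,2}, \d{4} - \d{2}:\d{2})\]', header).group(1)
    return datetime.strptime(stamp, "%B %d, %Y - %H:%M")

def nonempty_args(body):
    """Decode a form-encoded body and keep only the fields that carry data."""
    return {k: v for k, v in parse_qsl(body, keep_blank_values=True) if v}

def same_event(modsec, bps_time, bps_uri, window_s=60):
    """True when both logs record a block of the same path inside the BPS minute."""
    same_path = bps_uri.split("?", 1)[0] == modsec["uri"]
    delta = (modsec["time"] - bps_time).total_seconds()
    return same_path and 0 <= delta < window_s

if __name__ == "__main__":
    m = parse_modsec(MODSEC_LINE)
    print("rule", m["id"], "-", m["msg"], "on", m["uri"])
    print("same event as BPS entry:",
          same_event(m, parse_bps_time(BPS_HEADER), BPS_REQUEST_URI))
    for name, value in nonempty_args(BPS_BODY).items():
        print(f"{name} = {value!r}")
```

In the posted excerpt the only populated custom-code field is `bps_customcode_bpsqse`, and its value is htaccess text; the rule message refers to ARGS, which in ModSecurity includes POST body parameters.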