Flare plugin security log error

Home Forums BulletProof Security Pro Flare plugin security log error

Tagged: , , , ,

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • June 5, 2013 at 3:08 am #6724
    J Garner
    Participant

    Hi there,
    I’m getting this error in my security log:
    I’m not all that impressed with the way the plugin works as it inserts code on all pages regardless of whether you are using the code and seems to use some display:none; type to leave the code in the page and just hide it when you deactivate the sharing buttons in any of the 3 possible positions (above, on the side and below content). However the client likes it but now I’m seeing this error in the log that seems to be some type of counter for shares… Any ideas what I need to do to get it to work without errors?
    Thanks

    >>>>>>>>>>> 403 GET or Other Request Error Logged - juin 5, 2013 - 11:53 <<<<<<<<<<<
REMOTE_ADDR: [IP1 removed]
Host Name: [IP2 removed]
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR: [IP2 removed]
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER:
REQUEST_URI: /wp-admin/admin-ajax.php?action=flare_get_counts&url=[Blog Post URL removed]&post_id=630&_wpnonce=b943b60136
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 1.1.4322; MS-RTC LM 8; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
    June 5, 2013 at 7:09 am #6728
    AITpro Admin
    Keymaster

    UPDATE: BPS Pro 13+ and BPS 2.0+ versions have a feature called: Setup Wizard AutoFix (AutoWhitelist|AutoSetup|AutoCleanup) that automatically creates plugin and theme whitelist rules and automatically sets up and cleans up caching plugins htaccess code.

    1. Add the admin-ajax.php skip/bypass rule below to this wp-admin Custom Code text box: CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES
    2. Click the Save wp-admin Custom Code button.
    3. Go to the Security Modes page and Activate wp-admin Folder BulletProof Mode.

    Note:  The skip rule must be [S=2] because it will be written to your wp-admin .htaccess file above skip / bypass rule [S=1].  If you have other wp-admin skip/bypass rules already then either combine them or add this skip/bypass rule separately above the other rules and change the skip #.  Example:  If you already have skip #’s 2 and 3 then this rule would be skip rule #4.

    # admin-ajax.php skip/bypass rule
RewriteCond %{REQUEST_URI} (admin-ajax\.php) [NC]
RewriteRule . - [S=2]
    June 5, 2013 at 12:21 pm #6745
    J Garner
    Participant

    Cool thanks very much
    I hadn’t ever used that, hopefully I’ll pick that up next time I see a URL that is referring to the admin area…

    Thanks

    June 5, 2013 at 12:38 pm #6749
    AITpro Admin
    Keymaster

    We are planning on adding additional Admin Dismiss Notices that will be checking for a lot of things like this.
    Example Error Message: “Plugin X is using admin-ajax.php which is being blocked by BPS.  To resolve this issue add this custom code skip/bypass rule to blah blah blah….”

    June 5, 2013 at 12:42 pm #6750
    J Garner
    Participant

    That sounds great, nice idea, and of course you can carry on teasing with great ideas like that 😉

    June 5, 2013 at 12:44 pm #6751
    AITpro Admin
    Keymaster

    This was actually supposed to be completed and in BPS Pro, but BPS Pro development is currently about 8 months behind schedule.  We have implemented the first stage of this new error checking code in BPS Pro 5.9 and will add a large majority of these Admin Dismiss Notices in 6.0.

  • Author
    Posts
Viewing 6 posts - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.