My Calendar Plugin – Shortcode Builder 403 Error, Shortcode Button, WYSIWYG

Home Forums BulletProof Security Pro My Calendar Plugin – Shortcode Builder 403 Error, Shortcode Button, WYSIWYG

Tagged: , , , ,

Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • January 16, 2013 at 6:58 am #1048
    AITpro Admin
    Keymaster

    Email Question:

    I have the pro version installed all on except ARQ. 

     Now im getting a problem with one og my plygins My Calendar. It has a shortcode builder. So when i in pages (the editor) presses the my calendar shortcode builder i get a 403 forbidden page. The supplier is saying this: 

    The shortcode button calls a JavaScript thickbox interface that includes a variety of JavaScripts and PHP files used to generate a shortcode and insert it into your editor. All of the files are contained in the plug-in directory under /my-calendar/button/

     Best Regards

    Morten

    January 16, 2013 at 6:59 am #1049
    AITpro Admin
    Keymaster

    I will test this plugin and post the results back here.  Thanks.

    January 16, 2013 at 7:34 am #1052
    AITpro Admin
    Keymaster

    Also please go to the B-Core Security Log page and post the 403 error here.

    January 16, 2013 at 7:40 am #1053
    AITpro Admin
    Keymaster

    I have tested the My Calendar plugin and a 403 error did not occur when creating a new Page and using the Insert My Calendar WYSIWG button on the WP Editor Toolbar to insert the shortcode.  This 403 error does not appear to be caused by BPS. Please check your B-Core Security Log for the error and post it here.

    January 17, 2013 at 1:17 am #1099
    mbech
    Participant

    I cannot se anything in my b-core security log. BUT i turned of BPS firewall no change still 403 error. Then i deactivated BPS pro and it worked as it should. So somehow it is BPS pro causing the error. I’ve follow the installation video completely. ARQ is NOT turned on. My Calendar is installed after BPR was turned on.

    January 17, 2013 at 7:02 am #1101
    AITpro Admin
    Keymaster

    Ok I will need to log into your site and see what is going on.  Please create a temporary WordPress Admin login account and send that login information directly to my email edward at ait-pro dot com.  Thanks.

    January 18, 2013 at 12:10 pm #1172
    AITpro Admin
    Keymaster

    Resolved:

    I am not exactly sure why this error did not occur on my testing site, but I will look into that further.

    After logging in and testing adding a My Calendar Shortcode by clicking the My Calendar Shortcode button on the WYSIWYG editor toolbar I confirmed that this 403 Error was occurring:

    403 Forbidden

    Access to this resource on the server is denied!
    Powered By LiteSpeed ​​Web Server
    LiteSpeed ​​Technologies is not ansvarlig for administration and contents of this web site!

    Cause: 

    The pop up window that is generated is “virtual” so that is why it is not being logged in the BPS Pro Security Log.  

    This pop up window is doing something that BPS Pro sees as unsafe.  It is actually ok/safe to allow this.

    What I had to do was to comment out this security filter in your root .htaccess file by adding a pound sign # in front of this security rule because of the way the pop up is doing what it is doing.  I will document this in the Forum so that if you ever need to create a new root .htaccess file in the future then you will know exactly what you need to comment out in your root .htaccess file.

    #RewriteCond %{THE_REQUEST} \?\ HTTP/ [NC,OR]
  • Author
    Posts
Viewing 7 posts - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.