Event Espresso Attendee Mover – 403 error


  • #32078
    Rob B
    Participant

    I am using Event Espresso 4 Attendee Mover.
    The plugin conflicts with BPS.
    Below are the log files related to the failure;
    IP and domain removed.

    [403 GET Request: January 7, 2017 - 1:35 pm]
    BPS: .54.2
    Event Code: WPADMIN-SBR
    Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
    REMOTE_ADDR: xx.xx.xxx.xx
    Host Name: xx.xx.xxx.xx.example.com
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER: https://example.com/concerts/wp-admin/admin.php?page=espresso_registrations&action=edit_attendee_selections&_REG_ID=4713&edit_attendee_selections_nonce=c0607ca575
    REQUEST_URI: /concerts/wp-json/ee/v4.8.36/events?limit%5B%5D=0&limit%5B%5D=10&caps=read_admin&where%5BDatetime.DTT_EVT_end%5D%5B%5D=%3E&where%5BDatetime.DTT_EVT_end%5D%5B%5D=2017-01-07T13%3A35%3A00&where%5BEVT_name%5D%5B%5D=like&where%5BEVT_name%5D%5B%5D=%25ozar%25&include=EVT_ID%2C+EVT_name%2C+Datetime.DTT_name%2C+Datetime.DTT_EVT_start%2C+Datetime.DTT_EVT_end%2C+Datetime.DTT_is_primary%2C+Datetime.DTT_reg_limit%2C+Datetime.DTT_sold&_wpnonce=67c9a811e3&_=1483817709392
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
    
    [403 GET Request: January 7, 2017 - 1:35 pm]
    BPS: .54.2
    Event Code: WPADMIN-SBR
    Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
    REMOTE_ADDR: xx.xx.xxx.xx
    Host Name: xx.xx.xxx.xx.example.com
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER: https://example.com/concerts/wp-admin/admin.php?page=espresso_registrations&action=edit_attendee_selections&_REG_ID=4713&edit_attendee_selections_nonce=c0607ca575
    REQUEST_URI: /concerts/wp-json/ee/v4.8.36/events?limit%5B%5D=0&limit%5B%5D=10&caps=read_admin&where%5BDatetime.DTT_EVT_end%5D%5B%5D=%3E&where%5BDatetime.DTT_EVT_end%5D%5B%5D=2017-01-07T13%3A35%3A00&where%5BEVT_name%5D%5B%5D=like&where%5BEVT_name%5D%5B%5D=%25ozark%25&include=EVT_ID%2C+EVT_name%2C+Datetime.DTT_name%2C+Datetime.DTT_EVT_start%2C+Datetime.DTT_EVT_end%2C+Datetime.DTT_is_primary%2C+Datetime.DTT_reg_limit%2C+Datetime.DTT_sold&_wpnonce=67c9a811e3&_=1483817709393
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

    I added;

    # Event Espresso Attendee Mover admin.php skip/bypass rule
    RewriteCond %{REQUEST_URI} (admin\.php) [NC]
    RewriteRule . - [S=2]

    CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES:
    saved the file and activated it.

    Same error.
    Please help with the correct skip/bypass rule.

    #32080
    AITpro Admin
    Keymaster

    UPDATE: BPS Pro 13+ and BPS 2.0+ versions have a feature called: Setup Wizard AutoFix (AutoWhitelist|AutoSetup|AutoCleanup) that automatically creates plugin and theme whitelist rules and automatically sets up and cleans up caching plugins htaccess code.

    The 403 error is being caused by an angle bracket ">" or "%3E" in the Query String here: DTT_EVT_end%5D%5B%5D=%3E.  To whitelist this Query String create this whitelist rule below.  Note: The Security Log Event Code: WPADMIN-SBR is misleading in this particular case since the Referrer is an internal /wp-admin/ URI. The whitelist rule needs to be created for/in the Root htaccess file.

    1. Copy the code below to this BPS Root Custom Code text box: CUSTOM CODE PLUGIN/THEME SKIP/BYPASS RULES
    2. Click the Save Root Custom Code button.
    3. Go to the Security Modes tab page and click the Root Folder BulletProof Mode Activate button.

    # Event Espresso Attendee Mover Query String skip/bypass rule
    RewriteCond %{QUERY_STRING} limit%5B%5D=(.*) [NC]
    RewriteRule . - [S=13]
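
The diagnosis in the answer above, reproduced as an added example that is not part of the original posts or of BPS: it parses a Security Log entry, reports which decoded parameter carries the angle bracket, and tests the two RewriteCond patterns from the thread against the values mod_rewrite would see. The sample entry is a shortened, constructed copy of the logged one, and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample: a shortened copy of the Security Log entry in this thread.
SAMPLE_ENTRY = """\
[403 GET Request: January 7, 2017 - 1:35 pm]
Event Code: WPADMIN-SBR
HTTP_REFERER: https://example.com/concerts/wp-admin/admin.php?page=espresso_registrations
REQUEST_URI: /concerts/wp-json/ee/v4.8.36/events?limit%5B%5D=0&limit%5B%5D=10&where%5BDatetime.DTT_EVT_end%5D%5B%5D=%3E&where%5BEVT_name%5D%5B%5D=like
"""

# The two RewriteCond patterns posted in the thread; [NC] becomes re.IGNORECASE.
FIRST_ATTEMPT = re.compile(r"(admin\.php)", re.IGNORECASE)     # tested on REQUEST_URI
WORKING_RULE = re.compile(r"limit%5B%5D=(.*)", re.IGNORECASE)  # tested on QUERY_STRING

def field(entry, name):
    """Return the value of one 'NAME: value' line from a log entry."""
    for line in entry.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == name:
            return value.strip()
    return ""

def triage(entry):
    """Report which logged parameter holds an angle bracket and which rule matches."""
    uri = urlsplit(field(entry, "REQUEST_URI"))
    # parse_qsl percent-decodes, so %3E shows up as ">".
    flagged = [(k, v) for k, v in parse_qsl(uri.query, keep_blank_values=True)
               if set("<>") & set(k + v)]
    return {
        "path": uri.path,
        "flagged_params": flagged,
        # mod_rewrite's REQUEST_URI is the path only; the Referer is not part of it.
        "first_attempt_matches": bool(FIRST_ATTEMPT.search(uri.path)),
        # mod_rewrite's QUERY_STRING is the raw, still percent-encoded string.
        "working_rule_matches": bool(WORKING_RULE.search(uri.query)),
    }

if __name__ == "__main__":
    for key, value in triage(SAMPLE_ENTRY).items():
        print(f"{key}: {value}")
```

The skip condition matches on the parameter name alone, so it applies to every request whose query string contains limit%5B%5D=, whatever the path.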

    #32081
    Rob B
    Participant

    That did the trick.

    Thanks
