Home › Forums › BulletProof Security Pro › Plugin Firewall 403 errors
- This topic has 9 replies, 2 voices, and was last updated 10 years, 7 months ago by AITpro Admin.
-
AuthorPosts
-
janParticipant
I just switched to the PRO version and now keep getting 403 errors. I checked this forum and read some of the threads but cannot figure out why i am getting these. it looks like my legit users may be getting 403’s. Any help is greatly appreciated !!
>>>>>>>>>>> 403 GET or HEAD Request Error Logged - September 9, 2013 - 7:47 pm <<<<<<<<<<< REMOTE_ADDR: 65.55.215.235 Host Name: msnbot-65-55-215-235.search.msn.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http: //www.onthecuspstophai.org/about-us/key-personnel/pat-posa-rn-bsn-msa/ REQUEST_URI: /wp-content/plugins/user-access-manager/js/jquery.tools.min.js?ver=3.6 QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648) >>>>>>>>>>> 403 GET or HEAD Request Error Logged - September 9, 2013 - 7:47 pm <<<<<<<<<<< REMOTE_ADDR: 65.55.215.235 Host Name: msnbot-65-55-215-235.search.msn.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http: //www.onthecuspstophai.org/about-us/key-personnel/pat-posa-rn-bsn-msa/ REQUEST_URI: /wp-content/plugins/user-access-manager/js/functions.js?ver=3.6 QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648) >>>>>>>>>>> 403 GET or HEAD Request Error Logged - September 9, 2013 - 7:47 pm <<<<<<<<<<< REMOTE_ADDR: 65.55.215.235 Host Name: msnbot-65-55-215-235.search.msn.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http: //www.onthecuspstophai.org/about-us/key-personnel/pat-posa-rn-bsn-msa/ REQUEST_URI: /wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.40.0-2013.08.13 QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648) >>>>>>>>>>> 403 GET or HEAD Request Error Logged - September 9, 2013 - 7:47 pm <<<<<<<<<<< REMOTE_ADDR: 65.55.215.235 Host Name: msnbot-65-55-215-235.search.msn.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http: //www.onthecuspstophai.org/about-us/key-personnel/pat-posa-rn-bsn-msa/ REQUEST_URI: /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.5.2 QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648) >>>>>>>>>>> 403 GET or HEAD Request Error Logged - September 9, 2013 - 7:47 pm <<<<<<<<<<< REMOTE_ADDR: 65.55.215.235 Host Name: msnbot-65-55-215-235.search.msn.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http: //www.onthecuspstophai.org/about-us/key-personnel/pat-posa-rn-bsn-msa/ REQUEST_URI: /wp-content/plugins/ajax-event-calendar/js/jquery.fullcalendar.min.js?ver=1.5.3 QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648) >>>>>>>>>>> 403 GET or HEAD Request Error Logged - September 9, 2013 - 7:47 pm <<<<<<<<<<< REMOTE_ADDR: 65.55.215.235 Host Name: msnbot-65-55-215-235.search.msn.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http: //www.onthecuspstophai.org/about-us/key-personnel/pat-posa-rn-bsn-msa/ REQUEST_URI: /wp-content/plugins/ajax-event-calendar/js/jquery.simplemodal.1.4.4.min.js?ver=1.4.4 QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648) >>>>>>>>>>> 403 GET or HEAD Request Error Logged - September 9, 2013 - 7:47 pm <<<<<<<<<<< REMOTE_ADDR: 65.55.215.235 Host Name: msnbot-65-55-215-235.search.msn.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http: //www.onthecuspstophai.org/about-us/key-personnel/pat-posa-rn-bsn-msa/ REQUEST_URI: /wp-content/plugins/ajax-event-calendar/js/jquery.mousewheel.min.js?ver=3.0.6 QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648) >>>>>>>>>>> 403 GET or HEAD Request Error Logged - September 9, 2013 - 7:47 pm <<<<<<<<<<< REMOTE_ADDR: 65.55.215.235 Host Name: msnbot-65-55-215-235.search.msn.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http: //www.onthecuspstophai.org/about-us/key-personnel/pat-posa-rn-bsn-msa/ REQUEST_URI: /wp-content/plugins/ajax-event-calendar/js/jquery.jgrowl.min.js?ver=1.2.5 QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648) >>>>>>>>>>> 403 GET or HEAD Request Error Logged - September 9, 2013 - 7:47 pm <<<<<<<<<<< REMOTE_ADDR: 65.55.215.235 Host Name: msnbot-65-55-215-235.search.msn.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http: //www.onthecuspstophai.org/about-us/key-personnel/pat-posa-rn-bsn-msa/ REQUEST_URI: /wp-content/plugins/ajax-event-calendar/js/jquery.init_show_calendar.js?ver=1.0.4 QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SLCC1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648)
janParticipanti am sorry but these issues are very different than the 403 i was getting an hour ago. this appears to be something with the Ajax event calendar and not the actual calls to legit PPT and other docs on our server i was having issues with earlier. Been tweaking the permissions to try and get these 403’s to go away altogether.
AITpro AdminKeymasterThese are plugin scripts that need to be whitelisted in your Plugin Firewall. I scanned your website using the BPS Pro cURL 20 page multi-page scanner. The cURL scanners work internally or externally to scan websites.
/user-access-manager/js/jquery.tools.min.js, /user-access-manager/js/functions.js, /contact-form-7/includes/js/jquery.form.min.js, /contact-form-7/includes/js/scripts.js, /ajax-event-calendar/js/jquery.fullcalendar.min.js, /ajax-event-calendar/js/jquery.simplemodal.1.4.4.min.js, /ajax-event-calendar/js/jquery.mousewheel.min.js, /ajax-event-calendar/js/jquery.jgrowl.min.js, /ajax-event-calendar/js/jquery.init_show_calendar.js
Using Regular Expression (Regex) code to condense your Plugin Firewall Whitelist rules – these are the Plugin Firewall Whitelist rules that you will need to copy to the Plugin Firewall Whitelist text area, click the Save Whitelist Options button and activate that Plugin Firewall again:
Edit/Update – Code Correction made to these whitelist rules:
/user-access-manager/js/(.*).js, /contact-form-7/includes/js/(.*).js, /ajax-event-calendar/js/(.*).js
Reference links
http://forum.ait-pro.com/forums/topic/plugin-firewall-read-me-first-troubleshooting/
http://forum.ait-pro.com/forums/topic/security-log-http-error-log-read-me-first/
janParticipantthank you ! I saw the pre-populated values there and assumed they had been saved and the list was activated. Thank you for the speedy answer and great plugin!
AITpro AdminKeymasterOh yep I forgot to mention to overwrite any existing Plugin Firewall whitelist rules EXCEPT for any other plugin scripts that you manually added to the whitelist text area. The Setup Wizard is not automatically creating Regular Expression coded whitelist rules….yet. We are still working on that. 😉
janParticipantI am not sure what is happening but after configuring BPS Pro (upgrading) several apparently CSS-related things are broken:
1. in Dashboard Admin Sidebar: several icons are missing, including BPS Pro
2. the blue BPS Pro B-Core tabs across the top are missing; one very long page with all the options and content
3. When i go to edit pages/posts, the toolbar is gone.
4. When i open a page, it asks me ‘you sure you want to leave’ when i close the window, even if i did not make any edits.I have tried Chrome, Safari and Firefox separately. All are messed up. The last thing i did was whitelist 3 plugins as per your suggestion (using regex); i doubt it is related but just in case, this is what i added to the plugin whitelist:
/user-access-manager/js/(.*).js, /contact-form-7/includes/js/(.*).js, /ajax-event-calendar/js/(*).js
AITpro AdminKeymasterThis Plugin Firewall Whitelist rule is not valid and is causing this problem. This is completely my mistake since I gave you this invalid whitelist rule in the other topic. Sorry about that. I will be merging this topic into your other topic since it is directly related to that topic.
/ajax-event-calendar/js/(*).js
Whitelist rules with correction made
/user-access-manager/js/(.*).js, /contact-form-7/includes/js/(.*).js, /ajax-event-calendar/js/(.*).js
janParticipantah. missing period. i should have caught that even though regex is not my thing. Thanks so much for the speedy support with this. This plugin tethers on the edge of my ability/ies. Thanks again.
janParticipantmaybe it would be easier to delete these last two/three responses and just edit your orig reply? your call (obviously)
AITpro AdminKeymasterI like leaving them – it shows that I am human and make mistakes and am not afraid to admit that. ha ha ha. I apologize for that mistake again and thanks for being understanding about that mistake.
-
AuthorPosts
- You must be logged in to reply to this topic.