BulletProof Security Forum

It doesn’t matter which forum you post in. Yep, send me the Security Log info to: info@ait-pro.com

I just realized I posted in the Free forum, should I repost in Pro?

should I email you the log? Its big, thanks!!

I need more information. Have them send you Security Log entries from the BPS Pro Security Log that show what is being blocked.

Thanks so much, that seems to have sorted it. I very much appreciate your excellent support.

What is being blocked is the single quote code character/apostrophe in the Query String: Valentine%27s Use the solution in this forum topic to fix the problem > https://forum.ait-pro.com/forums/topic/apostrophe-single-quote-code-character/#post-6939

I’m finding it strange that the site owner gets a 403 (it’s them who’s blocked in the logs) but I don’t.

I will be testing your code soon. Been crazy busy on another project I am working on for the last year or so. In general, BPS Pro is a “completed” plugin in my opinion, but there are some things that I want to improve. When new versions of PHP are released, I install them on my Development server and test them with BPS Pro. The same applies with…[Read more]

It seems to work for me – it was really becoming very annoying
Setup (in case it’s relevant): Litespeed server, LScache, PHP 8.4.17, Wordpress 6.9

I tried a couple of versions of the code – but there were a couple of edge cases where it didn’t work consistently. The refined, final version of the code has worked for me – it’s been applied for a…[Read more]

I’ll test your code with my API server and see if this works. I kind of gave up years ago with trying to get rid of the nuisance PHP error because every approach I tried broke the API server’s functionality. Got my fingers crossed.

Hi…I wonder if this might help anybody out with regards to the “PHP warning during update check: unserialize() error when response is not serialized”

Below are my findings…
<h3 class=”western”>Details</h3>
On PHP 8.4.15 (litespeed hosting, ModSecurity enabled), BulletProof Security Pro logs the following warning whenever WordPress checks for…[Read more]

For the email address to “Send Email Alerts & Log Files To:” and the “Send Email Alerts & Log Files From:” are you using a google email address or routing emails through google gmail? Google gmail does not allow zip files in emails. If that is not the problem then the only other thing I can think to try would be to delete all old zip files in the…[Read more]

Sorry, that was my error, they were of course where you say they should be. (I’m juggling a dozen things here and was writing in haste.) I realise I can opt to no have logs emailed, I just prefer to keep a month or two’s worth locally for reference in case anything bad happens on a given site.

Just noticed this – “storing them on the server in Uploads”. BPS log files are stored here /wp-content/bps-backup/logs. Not sure why you are seeing log files in the uploads folder. Maybe there is a problem with the zip files not being successfully attached to emails, which would leave the zip files in the logs folder or maybe the…[Read more]

The site I’ve been looking at today has WP Cron jobs enabled: ‘<span class=”system-info-text”><span class=”sysinfo-label-text”>DISABLE_WP_CRON constant:</span> Standard WP Crons are not disabled on your website.’

The hosting is with Siteground (not cPanel), there are no server cron jobs set up either. I can’t examine the WP installation to see if…[Read more]

Log files are zipped and emailed using WP Cron jobs. Are WP Crons disabled on these websites? You can check that on the BPS System Info page > DISABLE_WP_CRON constant: Standard WP Crons are not disabled on your website. If you are disabling WP Cron, then BPS works with Direct crons setup in cPanel. The correct time interval for Direct crons is -…[Read more]

Hi, I’m using BPS free. I’ve found a number of my sites (all of which use BPS) have not been emailing log files, instead just storing them on the server in Uploads. In one case this had been happening for years and was taking up a fair chunk of disk space, I hadn’t noticed I was not receiving log emails from these sites as I get quite a few (from…[Read more]

Does Malcare pro have an option setting that allows you to choose where the randomly named file is saved to? If so, then choose your WordPress Uploads folder to save the Malcare pro file – /wp-content/uploads. Unfortunately, since the filename is random, you cannot create an exclude rule for the Malcare pro file.

“MalCare Pro scan results and…

[Read more]