BulletProof Security Forum

Ok, Thank you. I will go back and apply the code from the post you recommended previously to stop blocking head request.

Have a Great day

Terry

Blocking HEAD Requests is a nuisance “filter” to block Bots, not a security measure. These days it is completely unnecessary to block HEAD Request. Years ago Pre-PHP 7.4 it made a difference with website performance. If you are running at least PHP 7.4 then blocking HEAD Requests is no longer necessary. I assume Rank Math Link Genius is using the…[Read more]

Or is there something I am doing that is causing these head request since all I am doing is adding links to other pages on the site in the content.

I don’t want to open the site up completely for head attacks if adding the suggest code would jeopardize the site. The plugin that is monitoring the links is Rank Math Link Genius. Following is the most recent logged entries in BPS security log. Is there a way to allow that plugin only to do the head request. Or what do you recommend. Thank…[Read more]

Broken links typically show this Error Code: 404 Not Found, but depending on the tool you are using to check for broken links the tool itself will be blocked with a 405 error if it is making a HEAD Request. Do the steps in the link below to allow all HEAD Requests.

405 Method Not Allowed – means the web server understands the request and the URL…[Read more]

These are all legitimate WP Core files. So either a WP Automatic update occurred and these files were accidentally quarantined or these files have been tampered with. Most likely this is an accidental quarantine.

Use FTP or your web host control panel File Manager tool
Download /wp-includes/class-wp-http-ixr-client.php to your…[Read more]

Looking at this X help information, you may not be able to hotlink images from your website.

X (formerly Twitter) generally does not encourage or support direct hotlinking of images hosted on its servers (pbs.twimg.com) to external websites, such as embedding them in blog posts or as site elements. While the images may load temporarily, they often…

[Read more]

Then what is causing the problem is the HTML code that you are using to link the image. Most likely the HTML code contains something that is being rejected by your host server as invalid. Below is basic and standard HTML code to link an image and most importantly it must contains the full URL to the image. If an img src url does not contain the…[Read more]

Hi,

Yes when I click the link on twitter I get to my website fine, the issue is twitter itself is not showing the image from my website like facebook does.

We are trying to find out what is blocking the image from being displayed on the twitter platform

Hope that makes sense

A 400 error does not mean something is being blocked. It means your code has a mistake that cannot be processed by your server or your server is simply refusing to process the Request because the Request is malformed (gibberish) or seen as incorrect. A 403 error means something was blocked. So yeah neither BPS or your host server is blocking the…[Read more]

Hi,

The server techs said they are not blocking twitter.

I created as basic a post as possible – https://walkingfootball.com/test/

Shows up fine on facebook – https://www.facebook.com/WalkingFootballdotcom/posts/pfbid02TkHpGR4Zt6d3n1UNFY77AfEpEtqeL82U9TjkTqJ2UHgsVFtajCxtU1s5UZv1FYewl

But on twitter just the blank holding card image again -…[Read more]

BPS is not blocking the X shared post. Your web host server is not able to process the content/code of the X shared post. The error message is indicating the problem is with your image URL in the X post. So what I would recommend is creating a simple URL that only contains a link to your website page or post instead of trying to include a link to…[Read more]

You probably need to change the path to the new DB Backup Folder location. Take a look at the folder path in this DB Backup option setting:  DB Backup Folder Location. Or maybe you just need to create a Manual DB Backup to update BPS option settings. I believe that error check, checks old DB Backup folder paths against what is saved in the DB…[Read more]

OK, thank you! Didn’t know about turning off autorestore. (Have never done a migration before, had no way of knowing and blogvault’s instructions were thin. Worked great after a couple of failures due to the lack thereof, however.)

Ran the setup wizard. Notice was still there. Dismissed it. Seems all is well. Would it simply reappear if there was…[Read more]

https://forum.ait-pro.com/forums/topic/migrating-moving-or-cloning-websites/#post-20407

Any time you are doing a website migration, move, clone, etc. AutoRestore needs to be turned off before migrating, moving, cloning a website. After completing a website migration, move, clone, etc. go to the Setup Wizard and run the Pre-Installation Wizard…[Read more]

I’m having this problem after a blogvault staging migration.

Tried to rename the folder unsuccessfully and was unable to create a test manual DB Backup Job.

I tried using cpanel’s file manager to temporarily rename the db-backup-security folder (before deleting it) but the site crashed.

(Once I corrected the folder name to ‘db-backup-security’…[Read more]

Thanks a million for the response — I’ll get back to the folks at WP Vivid Backup and point them to this.