BulletProof Security Forum

Thank you!! I appreciate you!

Honest recommendation > get rid of the VPS server and move your websites to Shared hosting. Why? VPS servers are sold to average folks without any warning that you are getting a bare bones server with minimal security and securing your VPS is entirely on you. Telling people that would obviously cause VPS server sales to plummet. Shared hosting…[Read more]

To the rescue again, thank you!! Can you recommend a good place to learn how to harden server ports? or points of entry?. I have two shared servers and one VPS that got hacked in the last two weeks, all sites are updated and have bulletproof installed. I noticed the hacks becasue of the quarantine notifications and also from malcare notifications.…[Read more]

The Query String has a round bracket code character in it ( which is being blocked by this BPS Query String Exploit security rule RewriteCond %{QUERY_STRING} ^.*((|)|<|>|%3c|%3e).* [NC,OR].

Go to the Custom Code tab page > click the Root Custom Code accordion button > Scroll down to Custom Code text box 12. CUSTOM CODE BPSQSE BPS QUERY STRING…[Read more]

Looks like a typical RFI problem.

1. Copy the modified BPS Query String Exploits below to this BPS Root Custom Code text box: 12. CUSTOM CODE BPSQSE BPS QUERY STRING EXPLOITS. Note: Overwrite any htaccess code that is already in this text box.
2. Click the Save Root Custom Code button.
3. Go to the BPS Setup Wizard page and rerun the…[Read more]

Adding to htaccess:

RewriteCond %{QUERY_STRING} __wpdmlo= [NC]
RewriteRule .* – [L]

Didn’t solve the problem.

Error page still apear

Here is Security log entry of blocked access
How can I create whitelist rule?

[403 GET Request: July 15, 2025 7:45 am]
BPS Pro: 17.5
WP: 6.8.1
Event Code: BFHS – Blocked/Forbidden Hacker or Spammer
Solution: N/A – Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 2.136.226.233
Host Name: 233.red-2-136-226.staticip.rima-tde.net
SERVER_PROTOCOL:…[Read more]

Try deactivating all of your other plugins and see if the php error is still occurring or not. The php error is coming from how php files are being processed and does not have anything to do with your WordPress database. So uninstalling BPS Pro would not change anything.  You can try manually reinstalling BPS Pro using the BPS Pro Upload Zip…[Read more]

Confirming no OPcache was running initially. However, we’ve enabled this with the recommended parameters for testing – no luck. Error still there. We don’t use Cloudflare with WP-Rocket.

Nothing special in the wp-config.php either. This is the code below BPSPro ini_set settings:
/** Absolute path to the WordPress directory. */
if ( !…[Read more]

A “cannot redeclare” php error basically means something is being loaded twice/headers already loaded. If you have Cloudflare installed or your web host uses Cloudflare and you are using WP Rocket then see this WP Rocket help topic > https://docs.wp-rocket.me/article/18-using-wp-rocket-with-cloudflare. Another thing to check would be your…[Read more]

Checking with the server hosting if there is some server sided caching installed, can’t see opCache straight up.

Hi team,
still encountering the same error message:
PHP Fatal error: Cannot redeclare bpsPro_AP_Check() (previously declared in /home/XXXXX/domains/unplugrentals.com/public_html/wp-content/plugins/bulletproof-security/includes/functions.php:44) in…[Read more]

Not sure why that modified Query String Exploit code does not work. It should. Try the modified Query String Exploit code below.

1. Copy the modified BPS Query String Exploits code below to this BPS Root Custom Code text box: 12. CUSTOM CODE BPSQSE BPS QUERY STRING EXPLOITS
Important Note: If you have existing htaccess code in this Custom Code…[Read more]

Hi I just found another 403 with the UTM, I added this code and ran install wizard, but still get the 403, https://indoorairflorida.com/?utm_campaign=06-26-25-Don%27t-let-mold-&utm_source=social&utm_medium=GBP

# BEGIN BPSQSE BPS QUERY STRING EXPLOITS
# The libwww-perl User Agent is forbidden - Many bad bots use libwww-perl modules, but some good…[Read more]

Thank you for looking at that and fixing it, a big relief!  I have entered the Cloudflare IPs according to your link and turned the Plugin Firewall back on.  So far all good.  I will monitor things for awhile before re-enabling Cloudflare.

Thanks again for your prompt reply, helpful practical advice as always.

The problem is fixed. You had invalid htaccess code in Root Custom Code text box 14 and wp-admin Custom Code text box 1. You don’t need to add/whitelist Cloudflare IP addresses in the root and wp-admin htaccess files. The only case where you would need to whitelist Cloudflare IP’s would be using the link I posted in my first reply to add the IP…[Read more]

Thank you!  A WP admin login now sent.

Send me a WordPress Admin login to the site and I’ll figure out the problem. Send the login info to:  info@ait-pro.com