BulletProof Security Forum

As per this suggestion “To fix this now > use FTP or your web host control panel File Manager tool and delete the /wp-content/plugins/contact-form-7.bk file or folder”

The hosting company has deleted the mystery folder.

Forever grateful,

Mike.

Thanks for some reason, when I tried to log in today to address the problem the site was back up.  Thanks for you help!

Turns out the web host blocked my IP address.  Both site’s issues are resolved.

Thank you for contacting the support team.
Upon checking we could see that the IP address was temporarily blocked under the server firewall. Kindly verify the below-pasted log for your reference.
_________________________
csf.deny: 104.6.198.17 # lfd: (WPLOGIN) WP…

[Read more]

Yep, it is safe to either comment out the iframe security rules or to create a Rewrite bypass rule.  Just remember to save your custom htaccess code changes in this BPS Root Custom Code text box: 12. CUSTOM CODE BPSQSE BPS QUERY STRING EXPLOITS.  So that you custom htaccess code is saved permanently.

Hi,

No “BPS POST Attack Protection” on my configuration.

With your custom code the payment site redirect works again.

And it works also just commenting the two following lines:

RewriteCond %{QUERY_STRING} (<|%3C).*iframe.*(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} (<|%3C)([^i]*i)+frame.*(>|%3E) [NC,OR]

Since I saw some mention of a…[Read more]

The Request appears to be a POST Request in your Headers above, but that may only be when you are submitting the form and the Request back to your site is probably a GET Request.

Are you using the BPS POST Attack Protection custom code?  If so, remove/delete it from BPS Root Custom Code.

If you do not have any POST custom htaccess code then do…[Read more]

Well I got one of your sites done and then your host server crapped out.  If the other site is having the same problems then use the info below regarding this site > thxxxxxxxxxxxxxxxxat.com
C:WINDOWSsystem32>ping -t thxxxxxxxxxxxxxxxxat.com
Pinging thxxxxxxxxxxxxxxxxat.com [xxx.xxx.xxx.xxx] with 32 bytes of data:
Request timed out.
Request timed…[Read more]

I am speechless and grateful.

Login info on it’s way.

Hopefully you’ll later be able to give a breif dumbed-down version of what was out of whack.

Thank-you!
Mike.

Send a WordPress Administrator login to this site and I’ll fix whatever needs to be fixed.  Send the WP Admin login to:  info at ait-pro dot com.

It’s possible that the WordPress automatic plugin update option setting in combination with something else could install BPS free instead of BPS Pro.  Scenarios that I have seen that cause this type of problem are someone has a plugin like the Easy Updates Manager plugin installed and has chosen to automatically update BPS Pro.  BPS Pro should o…[Read more]

Hi,

i had activated “automatic update” in plugin page – now i switched it off and set only autoupdate inside the BPS. Should be ok right?

thanks I had used the steps from our last conversation to get back to Pro with saved settings.

Best Regards

Matt

Neither WordPress or BPS Pro would automatically install the BPS free plugin instead of the BPS Pro plugin.  Do you have any plugins installed that automatically update any other plugins or anything else that handles automatic updates for plugins?  If so, disable the automatic update for the BPS Pro plugin in that other plugin or other automatic p…[Read more]

Hi,

i am reporting again same problem – the BPS Pro went “itself” to free mode. Looks like its something that occours after automatic update of the plugin. And again it caused my site to go offline. Please take a look at this issue. thanks

@ James – Most likely the problem is caused by either missing php handler htaccess code in your root htaccess file or invalid php handler htaccess code saved in this BPS Root Custom Code text box: 1. CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE.  Do the steps below and let me know what happens.

Use FTP or your web host control panel File…[Read more]

I logged into my WordPress site and saw that I had a notification at the top to run the wizard for BPS, something I’ve many times. I ran it today and now my entire site is giving me the following 404 error:
<h1>Not Found</h1>
The requested URL was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an…[Read more]

Wow! Lightning fast response. Outstanding!

Now armed with good information, I will be proceeding to the new install this evening.

Thanks!

Mike.

To completely uninstall iThemes Security you would do the normal plugin deactivation and uninstall on the WordPress Plugins page.  After that you can use the BPS Pro > Tools > DB Table Cleaner|Remover tool > Select the Drop radio button for each of these iThemes Security database tables listed below > click the Empty|Drop button to delete any…[Read more]