403 error on CURL cron command

Home Forums BulletProof Security Pro 403 error on CURL cron command

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • January 5, 2018 at 3:51 am #35219
    Zsolt Edelényi
    Participant

    I would like to run a cron command activating email subscribers and newsletters plugin’s code:
    /usr/local/bin/curl --silent "http://www.domain.hu/?es=cron&guid=gdkrmz-phinzu-hjmxfe-xhjkfv-pwvcea" > /dev/null 2>&1

    The server respond with the following error in the div bpsMessage:
    domain.hu 403 Forbidden Error Page
    If you arrived here due to a search or clicking on a link click your Browser's back button to return to the previous page. Thank you.
    IP Address: 99.999.999.999
    How can I set up BPS PRO to allow this cron job?

    January 5, 2018 at 8:21 am #35220
    AITpro Admin
    Keymaster

    Use the steps in this forum topic to fix the curl 403 error:  https://forum.ait-pro.com/forums/topic/amazon-bot-unable-to-crawl-ads/#post-34402  If you already see BPS Query String Exploits code saved in Custom Code then just edit it, save your changes and activate root folder BulletProof Mode.  The fix may solve the second security log entry.  Let me know if it does or does not fix the second issue.

    The 2 security rules that contain curl are these 2 below. curl has already been removed from these 2 lines so you can just copy and paste them over the existing security rules in Custom Code if you want or edit/delete: curl| from your existing Custom Code.
    Note: make sure you delete the pipe operator too: |

    RewriteCond %{HTTP_USER_AGENT} (havij|libwww-perl|python|nikto|scan|java|winhttp|clshttp|loader) [NC,OR]

RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|\)|\(|%0A|%0D|%22|%27|%28|%3C|%3E|%00).*(libwww-perl|python|nikto|scan|java|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR]
    May 22, 2018 at 8:22 pm #35792
    Zsolt Edelényi
    Participant

    Is it possible to enable curl from only 1 ip address?

    May 22, 2018 at 8:35 pm #35793
    AITpro Admin
    Keymaster

    You might be able to create an IP address whitelist rule that skips all of the BPS Query String Exploits security rules. Logically it should work, but I have never tried to do that. You would create this IP address whitelist rule (shown below) in BPS Root Custom Code.

    1. Copy the IP address whitelist Skip rule code below to this BPS Root Custom Code text box: 10. CUSTOM CODE PLUGIN/THEME SKIP/BYPASS RULES. Note: Add the IP address you would like to whitelist in place of the x’s.
    2. Click the Save Root Custom Code button.
    3. Go to the Security Modes page and click the Root Folder BulletProof Mode Activate button.

    # IP Address Skip/Bypass Rule
RewriteCond %{REMOTE_ADDR} ^xxx\.xxx\.xxx\.xxx$ [NC]
RewriteRule . - [S=13]
  • Author
    Posts
Viewing 4 posts - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.