Tribulant Shopping Cart – 403 error

Home Forums BulletProof Security Free Tribulant Shopping Cart – 403 error

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
  • #21959

    Hi AIT PRO,

    I’ve been using your free BPS plugin on many sites for years. I haven’t had a site hacked since using it, so I am a big fan and using it on all client sites as well as my own. Today, I was alerted to an issue on a client site that has a shop plugin – The Shopping Cart Plugin from Tribulant . We started receiving a 403 page when someone tries to put an item in the cart. The item actually gets put into the cart, but to the customer, they receive the 403 page and think they cannot purchase the item. I searched the forums but didn’t find anything about the plugin except this, which doesn’t apply to my issue (I tried it anyway)

    So, I followed the troubleshooting instructions to add the URI to the custom code as [S=13] to the following section:

    CUSTOM CODE PLUGIN/THEME SKIP/BYPASS RULES: Add personal plugin/theme skip/bypass rules here

    However, I must be doing something wrong because I am still getting the 403 message. It is happening on the production site as well as the development/testing site. I am doing these tests on the development site:

    Here’s the log entry: I have a bunch of them and they are all the same.

    [403 GET / HEAD Request: April 9, 2015 - 3:54 pm]
    Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
    Solution: N/A - Hacker/Spammer Blocked/Forbidden
    Host Name:
    HTTP_REFERER: http://xxxxxxx/product/gift-cards-2/
    REQUEST_URI: /shop/shopping-cart?wpcoupdated=true&wpcomessage=Product%20added.%20%3Ca%20href=%22→%3C/a%3E
    HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.82 Safari/537.36

    If you need a login id and password, I can PM you one. I’d really like to get this fixed ASAPas it is preventing sales on this site. I don’t want to remove the plugin because I just reviewed all of the other top security plugins but they all seem to have major issues. And, not having anything is just not an option.

    Can you give me the plugin Skip/Bypass rule for this?

    Thanks, Todd

    AITpro Admin

    Create a skip/bypass RewriteRule for the tribulant /shop folder.  See the instructions in the link below.

    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    # RewriteRule for the tribulant /shop folder
    RewriteRule ^shop/ - [L]

    I applied the rule as indicated, now some of the buttons in the shop don’t work. For example, going from page 1 to page 2 of the shop can’t be done, so no one will be able to order the gift card. And other buttons (such as removing an item from the cart, sorting) don’t work either. See for yourself:

    Can you look again?


    AITpro Admin

    I see 9 items on a page that lists up to 10 items.  ie Displaying 1 – 9 of 10.  Is page 2 a custom item?  To get everything working correctly, deactivate root and wp-admin BulletProof Modes.  Since tribulant is a premium plugin I cannot test it.  We have a strict policy about not being allowed to login to other folks sites with the BPS free plugin installed so I would not be allowed to do that.

    AITpro Admin

    I got the ok to test the tribulant plugin if you send it to us.  After testing the tribulant plugin will be deleted from our testing site and also any copies that you sent to us.  If you want to do this then send a tribulant zip file to:  info at ait-pro dot com.  Thanks.

Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.