All-in-One Event Calendar


This topic contains 8 replies, has 3 voices, and was last updated by  armintz 2 years, 2 months ago.

    #10335

    jan
    Participant

    I am getting a lot of errors in my security log. How/where do I whitelist calls to URIs like REQUEST_URI: /wp-content/themes-ai1ec/vortex/font…etc.? In Firewall tools, I added “, /all-in-one-event-calendar/app/view/admin/js/(.*).js(.*)”
    keywords: ai1ec, all-in-one event calendar, all in one

    #10339

    AITpro Admin
    Keymaster

    That Plugin Firewall whitelist rule is not using valid Regular Expressions code.
    I have scanned this URL /on-the-cuspstop-cauti/calendar/ on your website with the BPS Pro Pro-Tools cURL Scanner:
    cURL Scanner results:

    /all-in-one-event-calendar/app/view/admin/js/main.js, /user-access-manager/js/jquery.tools.min.js, /user-access-manager/js/functions.js, /all-in-one-event-calendar/app/view/admin/js/pages/common_frontend.js, /contact-form-7/includes/js/jquery.form.min.js, /contact-form-7/includes/js/scripts.js, /ajax-event-calendar/js/jquery.fullcalendar.min.js, /ajax-event-calendar/js/jquery.simplemodal.1.4.4.min.js, /ajax-event-calendar/js/jquery.mousewheel.min.js, /ajax-event-calendar/js/jquery.jgrowl.min.js, /ajax-event-calendar/js/jquery.init_show_calendar.js

    Plugin Firewall whitelist rules after applying Regular Expressions code:

    /all-in-one-event-calendar/app/view/admin/js/(.*).js, /user-access-manager/js/(.*).js, /contact-form-7/includes/js/(.*).js, /ajax-event-calendar/js/(.*).js
    #10450

    AITpro Admin
    Keymaster

    Email Reply:

    Wasn’t sure if I should post this on the site (you removed another snippet earlier due to security concerns).  My log is creating massive entries because of a new plugin all-in-one-event-calendar.

    I re-ran the CURL scanner and verified that I have all the right entries in the Plugin Firewall. And I activated it again just in case.

    Firewall currently set to:

    /all-in-one-event-calendar/app/view/admin/js/(.*).js, /user-access-manager/js/(.*).js, /contact-form-7/includes/js/(.*).js, /ajax-event-calendar/js/(.*).js, /wordfence/(.*).php, /wordfence/(.*).js

    Any ideas will be appreciated.

    >>>>>>>>>>> 403 GET or HEAD Request Error Logged - October 7, 2013 - 4:16 pm <<<<<<<<<<<
    REMOTE_ADDR: 67.133.199.254
    Host Name: 67-133-199-254.dia.static.qwest.net
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_REFERER: http: //www.onthecuspstophai.org/on-the-cuspstop-cauti/educational-sessions/content-calls/
    REQUEST_URI: /wp-content/themes-ai1ec/vortex/font/League_Gothic-webfont.eot?iefix)%20format(\"eot\"),%20url(../font/League_Gothic-webfont.woff)%20format(\"woff\"),%20url(../font/League_Gothic-webfont.ttf)%20format(\"truetype\"),%20url(../font/League_Gothic-webfont.svg
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB7.5; .NET4.0C; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.3)
    
    >>>>>>>>>>> 403 GET or HEAD Request Error Logged - October 7, 2013 - 4:16 pm <<<<<<<<<<<
    REMOTE_ADDR: 67.133.199.254
    Host Name: 67-133-199-254.dia.static.qwest.net
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_REFERER: http: //www.onthecuspstophai.org/on-the-cuspstop-cauti/toolkits-and-resources/
    REQUEST_URI: /wp-content/themes-ai1ec/vortex/font/League_Gothic-webfont.eot?iefix)%20format(\"eot\"),%20url(../font/League_Gothic-webfont.woff)%20format(\"woff\"),%20url(../font/League_Gothic-webfont.ttf)%20format(\"truetype\"),%20url(../font/League_Gothic-webfont.svg
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB7.5; .NET4.0C; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.3)
    #10452

    AITpro Admin
    Keymaster

    Ok first off we try to stay away from making personal opinions about other plugins, but the errors that are displayed in your Security Log show some really bad coding work in that plugin.  Outputted HTML code should not have backslashes displayed in the outputted code – %20format(\"eot\").

    The plugin no longer exists in the WordPress plugin repository on WordPress.org so it was probably yanked due to bad coding.  I cannot test this plugin because WordPress has removed it from their website. Now with all of that said, you can try this whitelist rule below.

    1. Copy and paste this skip/bypass rule to this BPS Pro Custom Code text box: CUSTOM CODE PLUGIN/THEME SKIP/BYPASS RULES: Add personal plugin/theme skip/bypass rules here
    2. Click the Save Root Custom Code button.
    3. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.

    # All-in-one Calendar skip/bypass rule
    RewriteCond %{REQUEST_URI} ^/wp-content/themes-ai1ec/ [NC]
    RewriteRule . - [S=13]
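To see how the two mechanisms in this thread relate to the logged 403 entries (the Plugin Firewall whitelist regex from #10339 and the .htaccess skip/bypass rule from this post), here is a small triage script. It is an added example, not BPS Pro code or any code from this thread: it assumes BPS applies whitelist rules as unanchored regular expressions to the request path, and the log text, addresses and the third URI are constructed placeholders modelled on the entries quoted above.

```python
import re
# Constructed sample, modelled on the BPS Pro Security Log entries quoted in
# this thread; the addresses and the third URI are illustrative placeholders.
SAMPLE_LOG = """\
>>>>>>>>>>> 403 GET or HEAD Request Error Logged - October 7, 2013 - 4:16 pm <<<<<<<<<<<
REMOTE_ADDR: 203.0.113.10
REQUEST_URI: /wp-content/themes-ai1ec/vortex/font/League_Gothic-webfont.eot?iefix)%20format(\\"eot\\")
>>>>>>>>>>> 403 GET or HEAD Request Error Logged - October 7, 2013 - 4:17 pm <<<<<<<<<<<
REMOTE_ADDR: 203.0.113.10
REQUEST_URI: /wp-content/plugins/all-in-one-event-calendar/app/view/admin/js/main.js
>>>>>>>>>>> 403 GET or HEAD Request Error Logged - October 7, 2013 - 4:18 pm <<<<<<<<<<<
REMOTE_ADDR: 198.51.100.7
REQUEST_URI: /wp-content/uploads/2013/10/unexpected.php
"""

# Whitelist rule exactly as pasted in the first post (stray leading ", " and
# trailing "(.*)") and the corrected form the admin posted.
PASTED_RULE = r", /all-in-one-event-calendar/app/view/admin/js/(.*).js(.*)"
CORRECTED_RULE = r"/all-in-one-event-calendar/app/view/admin/js/(.*).js"
# Pattern of the admin's RewriteCond %{REQUEST_URI} ^/wp-content/themes-ai1ec/ [NC]
SKIP_COND = r"^/wp-content/themes-ai1ec/"


def logged_uris(log_text):
    """Extract REQUEST_URI values from the 403 entries of a BPS-style log."""
    return re.findall(r"^REQUEST_URI:\s*(\S+)", log_text, re.M)


def whitelisted(uri, rules):
    """Assumption: BPS applies whitelist rules as unanchored regexes to the
    request path; the query string is stripped before matching."""
    path = uri.split("?", 1)[0]
    return any(re.search(rule, path) for rule in rules)


def bypassed(uri, cond=SKIP_COND):
    """Apache's %{REQUEST_URI} excludes the query string; [NC] ignores case."""
    return re.search(cond, uri.split("?", 1)[0], re.I) is not None


def triage(log_text, rules=(CORRECTED_RULE,)):
    """Map each logged URI to the mechanism that would stop the 403, if any."""
    verdicts = {}
    for uri in logged_uris(log_text):
        if whitelisted(uri, rules):
            verdicts[uri] = "whitelist"
        elif bypassed(uri):
            verdicts[uri] = "skip-rule"
        else:
            verdicts[uri] = "still blocked"
    return verdicts
```

Running `triage(SAMPLE_LOG)` shows why the font request in the log is not covered by the Plugin Firewall whitelist (it lives under /wp-content/themes-ai1ec/, not under a plugin's js folder) and why the pasted rule with the leading comma and space can never match anything.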
    #10456

    jan
    Participant

    Yikes. I must have been the last one to install before it got yanked. I have disabled it for now altogether and will wait to see if/when they reappear on WP.org. They seem to have a serious website and appear to try and be serious developers. We’ll see. Thanks for the info and checking.

    #10461

    AITpro Admin
    Keymaster

    I did some more checking on this plugin and yes they do appear to be legitimate so maybe this is just a coding mistake that accidentally got into the final version release of the plugin that no one caught –  it happens.  😉  Also after taking another look I think the reason this plugin is no longer available at WordPress.org is because this plugin has changed its licensing agreement.  WordPress has very strict rules about the GPL licensing agreement for plugins available on WordPress so my hunch is that these plugin creators have decided not to make this plugin available on WordPress.org any longer.

    Also the skip/bypass rule above is a subfolder for this plugin’s main plugin folder so actually you should use this skip/bypass rule instead.  Overall I do not think the coding mistake is a security risk and is just a coding boo boo so I am pretty sure that this plugin is ok to use.

    # All-in-one Calendar skip/bypass rule
    RewriteCond %{REQUEST_URI} ^/wp-content/all-in-one-event-calendar/ [NC]
    RewriteRule . - [S=13]
    #28996

    armintz
    Participant

    Bumping/chiming in here as I have a new client who uses this All-in-One Event Calendar plugin (apparently still available in the WordPress repository and still being updated)
    https://wordpress.org/plugins/all-in-one-event-calendar/

    Activating BulletProof Pro while the All-in-One plugin is also activated seems to crash the site. Upon adding the custom code (referenced in this thread above) to the CUSTOM CODE PLUGIN/THEME SKIP/BYPASS RULES section, it doesn’t seem to have any effect. Is there an updated fix for this? No worries if not; I see a lot of negative reviews for the All-in-One plugin so I assume it’s probably an issue with them and not BPS 😉

    #29001

    AITpro Admin
    Keymaster

    I will download, install and test the All-in-One Event Calendar plugin and see if I can duplicate the same problem on my test site. It looks like All-in-One Event Calendar plugin has had issues/problems in the past, but the most recent reviews by folks are very good.  So it looks like a lot of the older/previous issues/problems in that plugin have been fixed.

    UPDATE:  The All-in-One Event Calendar plugin has been tested with BPS Pro and there were no problems, issues or conflicts found with the All-in-One Event Calendar plugin.  So the site crash problem is not related to or being caused by the All-in-One Event Calendar plugin and is/was caused by something else.  If you are using a caching plugin that uses htaccess code (W3TC, WP Super Cache, etc) then make sure you have the most current/correct htaccess code for your caching plugin added to BPS Root Custom Code and then re-run the BPS Pro Wizards on this website.

    #29020

    armintz
    Participant

    Thank you for looking into this. It looks like it was a memory usage issue, which just so happened to kick in when All-in-One and BPS were activated at the same time. Increasing the memory limit seems to have fixed the issue. Thanks again.
