Google Doc Embedder – gview 403 error

Home Forums BulletProof Security Pro Google Doc Embedder – gview 403 error

Viewing 9 posts - 16 through 24 (of 24 total)
  • Author
    Posts
  • #7246
    David G
    Participant

    Yes it works right now because I have deactivated Root Folder BulletProof Mode. Let me turn it back on and the problems start up. The log entry is from MY attempts to access the page with the doc embedder. BPS is now reactivated. Check the site. THanks

    #7247
    David G
    Participant

    so how do I deal with the scraping?

    #7250
    AITpro Admin
    Keymaster

    Is this issue/problem related to the Google Doc Embedder plugin?

    BPS already dealt with it = The scrape was Blocked/Forbidden.  BPS blocks/forbids a lot more than just hacking attempts against your website.  I was able to successfully download the ppt file again.

    #13717
    AITpro Admin
    Keymaster

    Email Question:

    I’m running WP as the content management with the Zoren theme. I’ve installed a couple of other plugins which were working fine prior to the BPS install. The plugs are WP-Members, to manage subscribers for our ebooks, and the plug in GDE (google docs embedder) for viewing the ebooks, which are otherwise not viewable unless logged in (and not downloadable or printable unless wanting to print the page images of the books).

    The problem is that since the installation of BPS if I click on the link to the ebook (pdf file called by GDE) I receive the following error message : GDE Error: Error retrieving file – if necessary turn off error checking (403:Forbidden).

    #13719
    AITpro Admin
    Keymaster

    Create a RewriteEngine Off .htaccess file:  http://forum.ait-pro.com/forums/topic/rewriteengine-off-htaccess-file/  and upload it to the folder where you are storing your Google Doc Embedder PDF files and then rename the RewriteEngine Off .htaccess file (securityoff.htaccess) to just .htaccess.

    #25831
    KeithAdv
    Participant

    I never know if it’s better to resurrect an old thread with the same problem or start a new one… I’m having the same problem with Google Doc Embedder. I’ve read through this thread and understand the solution of creating a RewriteEngine Off .htaccess file.

    My client is using the plugin to display .PDF files. My problem is that I have trained my client to use the standard WordPress Media Library functions to upload those files. Therefore, they are not in one specific directory but scattered throughout the default year/month subdirectories hierarchy under /uploads. To use the RewriteEngine Off .htaccess file solution, I would need to track down where the pdf are and make those subdirectories accessible (along with all the other files in them). And then I’d have to tell my client to alert me every time he uploads a new .PDF.

    Or do I just make all of /uploads accessible?  I would love a little guidance on this. Thank you!

    #25832
    AITpro Admin
    Keymaster

    htaccess files are hierarchical/recursive which means that the parent folder /uploads/.htaccess file will apply the rules/code to all child folders /2015/01/, /2015/02/, etc.  If you have BPS Pro you can use the UAEG Custom Code text box to create the RewriteEngine Off htaccess file and save it permanently.  If you have BPS free then upload a RewriteEngine Off htaccess file to the /uploads/ folder.

    #25834
    KeithAdv
    Participant

    Thank you! Hypothetically, if I create such a rule in each of the main year directories, does that make me vulnerable?

    #25835
    AITpro Admin
    Keymaster

    If you are using a RewriteEngine Off htaccess in a folder then you are removing your security protection for that folder.  A RewriteEngine Off htaccess file means “do not apply any htaccess security rules” or “turn off security” in folder X.  It is most likely possible to keep UAEG security protection and instead create whitelist rules for specific files/filenames.  See the UAEG Read Me first Topic link below for the example whitelist rules code.

    http://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/

    How to whitelist a specific file and an entire folder:  The whitelisting code below shows how to whitelist a specific js file in the uploads folder and how to whitelist an entire folder in the uploads folder:  /uploads/example-folder/

Viewing 9 posts - 16 through 24 (of 24 total)
  • You must be logged in to reply to this topic.