Home › Forums › BulletProof Security Free › BackupBuddy – wget cron blocked – 403 error
Tagged: 403 error, BackupBuddy, wget
- This topic has 8 replies, 3 voices, and was last updated 1 year, 2 months ago by Larry Lujan.
-
AuthorPosts
-
VladimirParticipant
Help pls. I have BackupBuddy and cannot make a regular backup.
BackupBuddy says there is a problem with cron jobs, I contacted Siteground, they made modifications and made Cpanel Cron Job which is blocked by BPS.
They say allowing the cron job to be triggered from IP XXX.X.XXX.XXX would fix this and I searched for the forum but I could not find a fix. I removed wget| from user agent as well.
siteground.eu 15:00:00 Tue Apr 03 ~/public_html/ └─> wget --no-check-certificate -O - https://www.xxxxxxxx.xx/wp-cron.php?doing_wp_cron --2018-04-03 15:00:02-- https://www.xxxxxxxx.xx/wp-cron.php?doing_wp_cron Resolving www.xxxxxxxx.xx (www.xxxxxxxx.xx)... xxx.xx.xx.xxx, xxx.xx.xx.xxx, xxxx:xxxx:xxxx:1::xxxx:xxxx, ... Connecting to www.xxxxxxxx.xx (www.xxxxxxxx.xx)|xxx.xx.xx.xxx|:xxx... connected. HTTP request sent, awaiting response... 403 Forbidden 2018-04-03 15:00:02 ERROR 403: Forbidden.
AITpro AdminKeymasterSee this forum topic for the steps to allow wget crons > https://forum.ait-pro.com/forums/topic/rss-link-bomber-cron-job-blocked/. If you are using a caching plugin or some other form of caching then be aware that Query Strings are cached:
?doing_wp_cron
. Using Direct Crons instead of the standard WP Crons could effect plugin and theme cron jobs if there is a caching problem/issue. See this forum topic for more information regarding that issue > https://forum.ait-pro.com/forums/topic/siteground-arq-turns-off-during-updates/#post-35560VladimirParticipantThank you for the help but it did not resolve my issue…
I updated my cron job and added the code
lynx -source https://www.xxxxxxxxxxxxxx.xx/subfolder/wp-cron.php > /dev/null 2>&1
I believe I have to create wp-admin Skip/Bypass rule, please look at the 403 error I’m getting when I try to manually start the cron job
[403 GET Request: April 9, 2018 - 9:42 pm] BPS: 2.9 WP: 4.9.5 Event Code: WPADMIN-SBR Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: xxx.xxx.xx.xxx Host Name: xxx.xxx.xx.xxx SERVER_PROTOCOL: HTTP/1.0 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.xxxxxxxxxxxxxx.xx/subfolder/wp-admin/admin.php?page=pb_backupbuddy_server_tools REQUEST_URI: /subfolder/wp-admin/admin.php?page=pb_backupbuddy_server_tools&run_cron=1523306218|backupbuddy_cron|e0dbe855bf1a87f3b492be074edddc48&value=%3Cspan%20title=%27Key:%20e0dbe855bf1a87f3b492be074edddc48%27%3Ebackupbuddy_cron%3C/span%3E QUERY_STRING: page=pb_backupbuddy_server_tools&run_cron=1523306218|backupbuddy_cron|e0dbe855bf1a87f3b492be074edddc48&value=%3Cspan%20title=%27Key:%20e0dbe855bf1a87f3b492be074edddc48%27%3Ebackupbuddy_cron%3C/span%3E HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
Thank you for all the help in advance.
AITpro AdminKeymasterTry this:
1. Copy the wp-admin htaccess code below into this BPS wp-admin Custom Code text box: 3. CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES
2. Click the save wp-admin Custom Code button.
3. Go to the Security Modes page and click the wp-admin folder BulletProof Mode Activate button.# BackupBuddy Query String skip/bypass rule RewriteCond %{QUERY_STRING} page=pb_backupbuddy_server_tools(.*) [NC] RewriteRule . - [S=2]
VladimirParticipantDear AIT,
All of this worked so far but it does not fix my issue. I contacted my hosting Siteground and they gave me the following
- The bulletproof security rules are causing this request to be rejected and the cron job couldn’t be triggered.
I changed the cron job to
lynx -source https://www.xxxxxxxxxxxxxx.xx/subfolder/wp-cron.php > /dev/null 2>&1
I removed “?doing_wp_cron” as I believe I do not need this line
And added the code as you mentioned
I can now start crons remotely but they are not triggering automatically.
- Siteground also said – For this setup to work with the plugin, the bulletproof security rules would either have to be modified to allow the cron job to be triggered from a specific IP address (the main IP of the server which hosts your account).
Is there a way to whitelist my server IP?
AITpro AdminKeymasterI do not think an IP address whitelist rule is needed. You definitely need the
?doing_wp_cron
Query String in the URL/URI. Also if you are doing anything with caching you need to add a random string generator (MD5 works well) after the doing_wp_cron Query String. Example URI request output:?doing_wp_cron&89765789095
. See this forum topic for a reference regarding this issue > https://forum.ait-pro.com/forums/topic/siteground-arq-turns-off-during-updates/#post-35560. Try putting the Query String back and add a random string generator if you are doing anything with caching/CDN’s, etc.VladimirParticipantDear Ait,
Finally, I got some progress with EasyCron. Making a random string generator on my own is above my knowledge and this works
https://mywebsite.com/wp-cron.php?doing_wp_cron&__RANDOM__
I removed the cpanel Cron Job.
Should I remove any of the code I implemented before
# BackupBuddy Query String skip/bypass rule RewriteCond %{QUERY_STRING} page=pb_backupbuddy_server_tools(.*) [NC] RewriteRule . - [S=2]e
and I implemented CUSTOM CODE BPSQSE BPS QUERY STRING EXPLOITS without wget
AITpro AdminKeymasterGreat! Glad you got it working. The BackupBuddy Query String whitelist rule may or may not still be needed. Try removing it and see if things still work. If the problem occurs again then add the BackupBuddy Query String whitelist rule.
Larry LujanParticipantcbc
-
AuthorPosts
- You must be logged in to reply to this topic.