BackupBuddy – wget cron blocked – 403 error

[Vladimir]

Help pls. I have BackupBuddy and cannot make a regular backup.

BackupBuddy says there is a problem with cron jobs, I contacted Siteground, they made modifications and made Cpanel Cron Job which is blocked by BPS.

They say allowing the cron job to be triggered from IP XXX.X.XXX.XXX would fix this and I searched for the forum but I could not find a fix. I removed wget| from user agent as well.

siteground.eu 15:00:00 Tue Apr 03 ~/public_html/
└─> wget --no-check-certificate -O - https://www.xxxxxxxx.xx/wp-cron.php?doing_wp_cron
--2018-04-03 15:00:02-- https://www.xxxxxxxx.xx/wp-cron.php?doing_wp_cron
Resolving www.xxxxxxxx.xx (www.xxxxxxxx.xx)... xxx.xx.xx.xxx, xxx.xx.xx.xxx, xxxx:xxxx:xxxx:1::xxxx:xxxx, ...
Connecting to www.xxxxxxxx.xx (www.xxxxxxxx.xx)|xxx.xx.xx.xxx|:xxx... connected.
HTTP request sent, awaiting response... 403 Forbidden
2018-04-03 15:00:02 ERROR 403: Forbidden.

[AITpro Admin]

See this forum topic for the steps to allow wget crons > https://forum.ait-pro.com/forums/topic/rss-link-bomber-cron-job-blocked/. If you are using a caching plugin or some other form of caching then be aware that Query Strings are cached: ?doing_wp_cron. Using Direct Crons instead of the standard WP Crons could effect plugin and theme cron jobs if there is a caching problem/issue. See this forum topic for more information regarding that issue > https://forum.ait-pro.com/forums/topic/siteground-arq-turns-off-during-updates/#post-35560

[Vladimir]

Thank you for the help but it did not resolve my issue…

I updated my cron job and added the code

lynx -source https://www.xxxxxxxxxxxxxx.xx/subfolder/wp-cron.php > /dev/null 2>&1

I believe I have to create wp-admin Skip/Bypass rule, please look at the 403 error I’m getting when I try to manually start the cron job

 [403 GET Request: April 9, 2018 - 9:42 pm]
BPS: 2.9
WP: 4.9.5
Event Code: WPADMIN-SBR
Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: xxx.xxx.xx.xxx
Host Name: xxx.xxx.xx.xxx
SERVER_PROTOCOL: HTTP/1.0
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: https://www.xxxxxxxxxxxxxx.xx/subfolder/wp-admin/admin.php?page=pb_backupbuddy_server_tools
REQUEST_URI: /subfolder/wp-admin/admin.php?page=pb_backupbuddy_server_tools&run_cron=1523306218|backupbuddy_cron|e0dbe855bf1a87f3b492be074edddc48&value=%3Cspan%20title=%27Key:%20e0dbe855bf1a87f3b492be074edddc48%27%3Ebackupbuddy_cron%3C/span%3E
QUERY_STRING: page=pb_backupbuddy_server_tools&run_cron=1523306218|backupbuddy_cron|e0dbe855bf1a87f3b492be074edddc48&value=%3Cspan%20title=%27Key:%20e0dbe855bf1a87f3b492be074edddc48%27%3Ebackupbuddy_cron%3C/span%3E
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36

Thank you for all the help in advance.

 

[AITpro Admin]

Try this:

1. Copy the wp-admin htaccess code below into this BPS wp-admin Custom Code text box: 3. CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES
2. Click the save wp-admin Custom Code button.
3. Go to the Security Modes page and click the wp-admin folder BulletProof Mode Activate button.

# BackupBuddy Query String skip/bypass rule
RewriteCond %{QUERY_STRING} page=pb_backupbuddy_server_tools(.*) [NC]
RewriteRule . - [S=2]

[Vladimir]

Dear AIT,

All of this worked so far but it does not fix my issue. I contacted my hosting Siteground and they gave me the following

• The bulletproof security rules are causing this request to be rejected and the cron job couldn’t be triggered.

I changed the cron job to

lynx -source https://www.xxxxxxxxxxxxxx.xx/subfolder/wp-cron.php > /dev/null 2>&1

I removed “?doing_wp_cron” as I believe I do not need this line

And added the code as you mentioned

I can now start crons remotely but they are not triggering automatically.

• Siteground also said – For this setup to work with the plugin, the bulletproof security rules would either have to be modified to allow the cron job to be triggered from a specific IP address  (the main IP of the server which hosts your account).

Is there a way to whitelist my server IP?

[AITpro Admin]

I do not think an IP address whitelist rule is needed.  You definitely need the ?doing_wp_cron Query String in the URL/URI.  Also if you are doing anything with caching you need to add a random string generator (MD5 works well) after the doing_wp_cron Query String.  Example URI request output:  ?doing_wp_cron&89765789095. See this forum topic for a reference regarding this issue > https://forum.ait-pro.com/forums/topic/siteground-arq-turns-off-during-updates/#post-35560.  Try putting the Query String back and add a random string generator if you are doing anything with caching/CDN’s, etc.

[Vladimir]

Dear Ait,

Finally, I got some progress with EasyCron. Making a random string generator on my own is above my knowledge and this works

https://mywebsite.com/wp-cron.php?doing_wp_cron&__RANDOM__

I removed the cpanel Cron Job.

Should I remove any of the code I implemented before

# BackupBuddy Query String skip/bypass rule 
RewriteCond %{QUERY_STRING} 
page=pb_backupbuddy_server_tools(.*) [NC] 
RewriteRule . - [S=2]e

and I implemented CUSTOM CODE BPSQSE BPS QUERY STRING EXPLOITS without wget

[AITpro Admin]

Great! Glad you got it working. The BackupBuddy Query String whitelist rule may or may not still be needed. Try removing it and see if things still work. If the problem occurs again then add the BackupBuddy Query String whitelist rule.

[Larry Lujan]

cbc

[Author]

Posts