Bookly Responsive WordPress Appointment Booking and Scheduling – 403 error

Home Forums BulletProof Security Pro Bookly Responsive WordPress Appointment Booking and Scheduling – 403 error

Tagged: ,

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • February 22, 2015 at 12:18 pm #21113
    AITpro Admin
    Keymaster

    Email Question:

    I have installed the Bookly plugin for my site and when I try and use it the following is flagged up as a security risk. How can I get this to be ignored.

    [403 GET / HEAD Request: February 19, 2015 2:38 pm] 
Event Code: WPADMIN-SBR
Solution: http://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: 82.46.91.48
Host Name: cpc1-stav16-2-0-cust47.aztw.cable.virginm.net
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: https://www.tinytoesbabyscans.co.uk/?page_id=35&preview=true
REQUEST_URI: /wp-admin/admin-ajax.php?form_id=54e5f47e78fc5&action=ab_session_save&service_id=2&staff_id%5B%5D=1&category_id=1&requested_date_from=2015-2-21&requested_time_from=09%3A00&requested_time_to=20%3A00&available_days%5B%5D=1&available_days%5B%5D=2&available_days%5B%5D=3&available_days%5B%5D=4&available_days%5B%5D=5&available_days%5B%5D=6&available_days%5B%5D=7&date_from_object%5Byear%5D=2015&date_from_object%5Bmonth%5D=1&date_from_object%5Bdate%5D=21&date_from_object%5Bday%5D=6&date_from_object%5Bobj%5D=Sat+Feb+21+2015+00%3A00%3A00+GMT%2B0000+(GMT+Standard+Time)&date_from_object%5Bpick%5D=1424476800000&options%5Bhide_categories%5D=1&options%5Bcategory_id%5D=1&options%5Bhide_services%5D=false&options%5Bservice_id%5D=false&options%5Bhide_staff_members%5D=1&options%5Bstaff_member_id%5D=1&options%5Bhide_date_and_time%5D=1
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    February 22, 2015 at 12:20 pm #21115
    AITpro Admin
    Keymaster

    UPDATE: BPS Pro 13+ and BPS 2.0+ versions have a feature called: Setup Wizard AutoFix (AutoWhitelist|AutoSetup|AutoCleanup) that automatically creates plugin and theme whitelist rules and automatically sets up and cleans up caching plugins htaccess code.

    Confirmed working solution:

    Create a wp-admin plugin/file skip/bypass rule for the DBookly Responsive WordPress Appointment Booking and Scheduling plugin in BPS wp-admin Custom Code.

    1. Add the admin-ajax.php skip/bypass rule below to this wp-admin Custom Code text box: CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES
    2. Click the Save wp-admin Custom Code button.
    3. Go to the Security Modes page and Activate wp-admin Folder BulletProof Mode.

    Note:  The skip rule must be [S=2] because it will be written to your wp-admin .htaccess file above skip / bypass rule [S=1].  If you have other wp-admin skip/bypass rules already then either combine them or add this skip/bypass rule separately above the other rules and change the skip #.  Example:  If you already have skip #’s 2 and 3 then this rule would be skip rule #4.

    # admin-ajax.php skip/bypass rule
RewriteCond %{REQUEST_URI} (admin-ajax\.php) [NC]
RewriteRule . - [S=2]
  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.