BPS and plugin “admin-site-enhancements”

Home Forums BulletProof Security Pro BPS and plugin “admin-site-enhancements”

Viewing 11 posts - 1 through 11 (of 11 total)
  • Author
    Posts
  • September 15, 2023 at 10:01 am #43141
    Manu
    Participant

    Hi there,

    I use a new nice plugin https://wordpress.org/plugins/admin-site-enhancements/

    This plugin allows to do many things. I can for example add a password for the entire website. But BPS is not agree 😉

    Tks

    You can see here https://atlas.milletreize.com/

    Here is the error message I have :

    atlas.milletreize.com 403 Forbidden Error
    If you arrived here due to a search or clicking on a link click your Browser’s back button to return to the previous page. Thank you.
    IP Address: 109.9.26.131
    BPS Pro Plugin 403 Error Page

    September 15, 2023 at 11:29 am #43142
    Manu
    Participant

    [403 GET Request: 15 septembre 2023 – 19h54]
    BPS Pro: 17.1
    WP: 6.3.1
    Event Code: BFHS – Blocked/Forbidden Hacker or Spammer
    Solution: N/A – Hacker/Spammer Blocked/Forbidden
    REMOTE_ADDR: 109.9.26.131
    Host Name: 131.26.9.109.rev.sfr.net
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER: https://atlas.milletreize.com/?protected-page=view&source=http%3A%2F%2Fatlas.milletreize.com%2F
    REQUEST_URI: /?protected-page=view&source=https%3A%2F%2Fatlas.milletreize.com%2Ffavicon.ico
    QUERY_STRING: protected-page=view&source=https%3A%2F%2Fatlas.milletreize.com%2Ffavicon.ico
    HTTP_USER_AGENT: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Mobile Safari/537.36

    September 15, 2023 at 1:03 pm #43143
    Manu
    Participant

    On your documentation I can see :

    Maintenance Mode Feature or Plugin or Theme Maintenance Mode Feature:
    Depending on how the Maintenance Mode feature is designed|works in another plugin or theme, it can prevent the Plugin Firewall from working correctly.  So the temporary workaround is to keep the Plugin Firewall turned Off while the site is in Maintenance Mode and then once the site is out of Maintenance Mode then the Plugin Firewall can be activated|turned on.  Note: Your site should be protected by the Maintenance Mode Feature or Plugin or Theme Maintenance Mode Feature so there is no need to worry about having the Plugin Firewall turned off.

    Should I do this ?  And how please . I have tried but not achieved.

    Tks

    September 15, 2023 at 4:32 pm #43144
    AITpro Admin
    Keymaster

    Use the RFI fix here > https://forum.ait-pro.com/forums/topic/constant-contact/#post-40940

    September 15, 2023 at 11:45 pm #43145
    Manu
    Participant

    Thank you.

    I have replaced all the code in the text box but I still have the problem.

    Sorry.

    September 15, 2023 at 11:54 pm #43146
    Manu
    Participant

    If i use the maintenance mode (with a maintenance page) it works well.

    September 20, 2023 at 10:30 am #43152
    Manu
    Participant

    Hi,

    Sorry to disturb. I have tried RFI fix one more time but it doesn’t work for me.

    Tks for your help

    September 20, 2023 at 4:33 pm #43153
    AITpro Admin
    Keymaster

    I don’t understand what the problem is.  What exactly is being blocked or not working?

    I tested using the Password Protection feature in the ASE plugin and it works fine.  Maybe ModSecurity is blocking this?  Deactivate Root and wp-admin BulletProof Modes.  Are you still seeing a 403 error?  Have you added any additional custom htaccess code to your htaccess file?

    September 20, 2023 at 11:52 pm #43156
    Manu
    Participant

    If I desactivate the WAF fire wall on my hosting for this domain, then it works fine.

    But it is maybe not the best solution to desactivate this ?

    Tks

    September 21, 2023 at 5:17 am #43157
    AITpro Admin
    Keymaster

    Or maybe you can edit your host’s firewall rules to whitelist/allow the ASE plugin to do what it does. The “journal” is another name for a log file.  Check that log file to see what is being blocked on your host > PlanetHoster.  If you are not sure what to whitelist/allow then contact your web host support folks.

    PlanetHoster has a descent Firewall (called We App Firewall WAF) with a set of rules predefined. And they play their roles nicely, you can activate or deactivate each of the directives on a per-domain basis. Which allows you to have different levels of protection in different domains. It can be useful when you actually need to allow some rules for specific reasons on specific websites.

    On top of the rule settings, you also have access to a journal. It helps understand what are the main threats and how they have been mitigated. Again you can filter the history per domain.

    September 21, 2023 at 5:47 am #43158
    Manu
    Participant

    Ok yeah !!

    I went to the logs of the WAF and see that “remote file injection attempt in uri (ae)” is blocked. I have desactivated this in the WAF only for my subdomain and it seems to work now.

    You are amazing 🙂

  • Author
    Posts
Viewing 11 posts - 1 through 11 (of 11 total)
  • You must be logged in to reply to this topic.