Home › Forums › BulletProof Security Free › BPS and WP-Spamshield plugin conflict caused 403 error
- This topic has 1 reply, 2 voices, and was last updated 6 years, 11 months ago by AITpro Admin.
-
AuthorPosts
-
Paul BarrettParticipant
I had a problem with 403 page errors in an application. BPS logs showed some active blocking. I also use the WP-SpamShield plugin. Deactivating that plugin stopped the errors from occurring.
Does BPS duplicate the functionality of WP-SpamShield. If so I can safelt leave SpamShield deactivated. If not please could you whitelist the plugin for me?
Here are the entries from the security logs:
[403 GET Request: 04 May 2017 - 18:12] BPS: 1.1 WP: 4.7.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 86.145.193.102 Host Name: host86-145-193-102.range86-145.btcentralplus.com SERVER_PROTOCOL: HTTP/1.0 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 86.145.193.102 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://ourfamilyhistory.club/genealogy/admin_editplace.php?ID=3195 REQUEST_URI: /genealogy/admin_places.php?message=Changes+to+place+St.+Mary+%26+St+Luke+Church%2C+St+Mary%5C%27s+Close%2C+Wolverhampton%2C+Stafford%2C+England+were+successfully+saved. QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.96 Safari/537.36 [403 GET Request: 04 May 2017 - 18:26] BPS: 1.1 WP: 4.7.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 86.145.193.102 Host Name: host86-145-193-102.range86-145.btcentralplus.com SERVER_PROTOCOL: HTTP/1.0 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 86.145.193.102 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://ourfamilyhistory.club/genealogy/admin_editplace.php?ID=3133 REQUEST_URI: /genealogy/admin_places.php?message=Changes+to+place+St.Ebbe%5C%27s%2C+Roger+Bacon+Lane%2C+Oxford%2C+Oxfordshire%2C+England+were+successfully+saved. QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.96 Safari/537.36 [403 GET Request: 04 May 2017 - 18:30] BPS: 1.1 WP: 4.7.4 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 86.145.193.102 Host Name: host86-145-193-102.range86-145.btcentralplus.com> SERVER_PROTOCOL: HTTP/1.0 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 86.145.193.102 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://ourfamilyhistory.club/genealogy/admin_editplace.php?ID=3200 REQUEST_URI: /genealogy/admin_places.php?message=Changes+to+place+St.Michael%5C%27s+and+All+Angels%5C%27+Church%2C+12+Park+Road%2C+Abingdon%2C+Berkshire%2C+England+were+successfully+saved. QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.96 Safari/537.36
Hope I have provided all teh information you need and that you can help me out.
RegardsPaul Barrett
AITpro AdminKeymaster@ Paul Barret – The solution for these 403 errors is here: https://forum.ait-pro.com/forums/topic/apostrophe-single-quote-code-character/#post-6939 Note the the apstrophe/single quote character is the most dangerous coding characters to use in Query Strings. Other BPS Query String Exploits security rules will still prevent an SQL Injection attack against your website even when using the solution in the link I posted above.
-
AuthorPosts
- You must be logged in to reply to this topic.