Flash swf 403 error – Flash slideshow blocked

Home Forums BulletProof Security Free Flash swf 403 error – Flash slideshow blocked

This topic contains 4 replies, has 3 voices, and was last updated by  Colton3310 5 years, 2 months ago.

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #4287

    Angela T.
    Member

    A large flash movie on my website now fails to load and gets a 403 forbidden error since I installed BPS Free. I deactivated Root Folder BulletProof Mode to verify it was the problem and my flash movie did start working again. Activate BPS and it fails.Β  I have tried several ways to whitelist the internal reference in my .htaccess file but I’m not experienced enough with htaccess to understand what I am doing. Could you please let me know what custom code I need to place in my .htaccess file for the flash to work again?

    The Website is bibleprophecy.com (flash slide show should be showing up just under the navigation).

    Thank you so much for your help.

    #4289

    AITpro Admin
    Keymaster

    The issue/problem appears to be that the link to the swf file is simulating an RFI hacking attempt against your website.

    http: //www.bibleprophecy.com/wp-content/themes/theme1371/flash/header_cs3.swf?xmlUrl=http://www.bibleprophecy.com/wp-content/themes/theme1371/flash/xml

    You should be able to whitelist the swf file by editing your root .htaccess file and adding header_cs3\.swf| to the security filter as shown below.

    1. Copy the modified TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE code below to this BPS Root Custom Code text box: CUSTOM CODE TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE
    2. Click the Save Root Custom Code button.
    3. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.

    IMPORTANT!!!: Edit the code below after copying it to BPS Custom Code and replace “example.com” with your actual website domain name.

    # TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE
    # Use BPS Custom Code to modify/edit/change this code and to save it permanently.
    # Remote File Inclusion (RFI) security rules
    # Note: Only whitelist your additional domains or files if needed - do not whitelist hacker domains or files
    RewriteCond %{QUERY_STRING} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC,OR]
    RewriteCond %{THE_REQUEST} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC]
    RewriteRule .* index.php [F]
    # 
    # Example: Whitelist additional misc files: (example\.php|another-file\.php|phpthumb\.php|thumb\.php|thumbs\.php)
    RewriteCond %{REQUEST_URI} (header_cs3\.swf|timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC]
    # Example: Whitelist additional website domains: RewriteCond %{HTTP_REFERER} ^.*(YourWebsite.com|AnotherWebsite.com).*
    RewriteCond %{HTTP_REFERER} ^.*example.com.*
    RewriteRule . - [S=1]
    #4319

    Angela T.
    Member

    Thank you Thank you! That did the trick! πŸ™‚

    #4321

    AITpro Admin
    Keymaster

    Great! Β Thanks for confirming all is now well.

    #7219

    Colton3310
    Participant

    Oh, thanks. The answer is good, but I cannot understand the code. The flash slide show can work well if I use Kvisoft Photo Slide Show Maker to create one.

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.