BPS Pro Alert: F-Lock Folder Lock Has Locked A Hosting Account Root Folder

Home Forums BulletProof Security Pro BPS Pro Alert: F-Lock Folder Lock Has Locked A Hosting Account Root Folder

Viewing 12 posts - 1 through 12 (of 12 total)
  • Author
    Posts
  • #39548
    Technoogies
    Participant

    I Keep getting this.

    “To view the Hosting Account Root Folder that was locked, log into your website and go to the BPS Pro F-Lock Folder Lock page. Click the Read Me help button on the Folder Lock page for instructions on what to do next.”

    The locked directories aren’t showing in the f-lock interface page, but locked they are and I’m not able to stop it.

    The folders I need access to keep getting locked and your read me isn’t clear on f-lock. Didn’t you disable it or retire  it? Is “Off” going to disable F-Lock, or is “On” going to disable it? I would assume “Off” should prevent it from putting it’s mitts all over folders outside of the WordPress install.
    Seems broken to me.

    #39549
    Technoogies
    Participant

    Found it.
    It’s a button on the bar, not a page until you find and click the button.
    Clarity goes far.

    #39550
    Technoogies
    Participant

    I got the permissions to stop being changed, but now files in these root folders of mine are getting quarantined.

    #39552
    AITpro Admin
    Keymaster

    To reset/clear the Folder Lock tool/feature do these 2 things highlighted in Yellow highlight below.  Then turn Off the Folder Lock feature > Folder Lock On|Off (Folder Lock Cron Check) > change the setting to > Folder Lock Off.  Folder Lock is one of those features that I regret creating like the File Lock feature.  I may just decide to remove the Folder Lock feature from BPS Pro.  For the file quarantine problem there could be many different complex scenarios going on.  So the simplest and quickest way for me to understand the exact problem scenario and to get this problem fixed ASAP is for you to send me a WordPress Administrator login to this site and also FTP login credentials to this hosting account.  Send your login info to:  info at ait-pro dot com.

    Reset|Clear Folder Lock Alerts
    To reset/clear Folder Lock Dashboard Alerts click the Reset|Clear Folder Lock Alerts button.

    Rescan|Add Hosting Account Root Folders
    Clicking the Rescan|Add Hosting Account Root Folders button deletes all existing DB rows displayed in the Folder Lock Table and creates new DB Rows that will be displayed in the Folder Lock Table.

    ReadMe Help Info button help information on the Folder Lock page.

    What Folder Lock Does & How it Works
    Folder Lock monitors your Hosting Account Root folder and checks for any new folders that are created. If a new folder is found in your Hosting Account Root folder that is not listed in the Folder Lock Table it is automatically locked with 400 folder permissions, which means that the folder will be literally locked and will not be accessible to anyone including you. Folder Lock is not intended to be used to secure/protect your existing Hosting Account Root folders since locking a folder literally means lock that folder and make it unusable/inaccessible to anyone including you. Folder Lock should ONLY be turned On, on 1 of your websites under your Hosting Account. You only want 1 of your websites under a Hosting Account to monitor the Hosting Account Root folder for all of your websites/your entire Hosting Account Root folder.

    Example Usage Scenario:
    A hacker creates a folder in your Hosting Account Root folder. Folder Lock will automatically lock that folder with 400 folder permissions, send you an email alert that a folder was locked and will display a Dashboard alert that a folder has been locked. If the folder is unlocked via FTP the folder will be automatically relocked again by Folder Lock until it is unlocked using the Folder Lock Unlock Form.

    IMPORTANT NOTES:
    1. Locking a folder literally means lock the folder and make the folder inaccessible and unusable. Locking a folder does not mean making the folder secure or adding security to a folder.
    2. The WP Core Folders: wp-admin, wp-content and wp-includes cannot be locked since that would cause your WordPress website to stop working.
    3. A Delete Folder option has intentionally not been added. If a hacker creates a folder in your Hosting Account Root folder then you should download a copy of that folder to your computer before deleting the folder from your Hosting Account Root folder using FTP. You probably want to take a look at what is in that hacker folder for any clues to what the hacker was attempting to do.
    4. AutoRestore|Quarantine monitors all files in your Hosting Account Root folder, but does check for new folders being created in the Hosting Account Root folder so Folder Lock covers this very low probability attack vector just in case. It is very unlikely that a hacker will ever create a folder in your Hosting Account Root folder.

    Folder Lock Cron Check Frequency:
    Choose how often the Folder Lock Cron Check should be performed. Every 1, 2, 3, 4, 5, 10, 15, 30 or 60 minutes. The Default Cron Frequency Check is set to 2 minutes by the Setup Wizard. You can of course change this to any other Cron frequency checking time that you want to use.

    Folder Lock On|Off (Folder Lock Cron Check):
    The Folder Lock Cron Check should ONLY be turned On, on 1 of your websites under your Hosting Account. You only want 1 of your websites in a Hosting Account monitoring your Hosting Account Root folder.

    Reset|Clear Folder Lock Alerts
    To reset/clear Folder Lock Dashboard Alerts click the Reset|Clear Folder Lock Alerts button.

    Rescan|Add Hosting Account Root Folders
    Clicking the Rescan|Add Hosting Account Root Folders button deletes all existing DB rows displayed in the Folder Lock Table and creates new DB Rows that will be displayed in the Folder Lock Table.

    Lock
    Locking a folder literally means lock the folder and make the folder inaccessible and unusable. Locking a folder does not mean making the folder secure or adding security to a folder. Lock uses 400 folder permissions, which means that no one including yourself can access the folder or add any files in that locked folder.

    Unlock
    Unlocking a folder uses the folder permissions that you see for the DB: value. If the DB: value is blank then 755 folder permissions will be used for the unlock folder permissions.

    Procedural Steps When Adding New Hosting Account Root Folders
    1. Login to the website that has Folder Lock turned On and turn Folder Lock Off.
    2. Upload/Add/Create your folders in your Hosting Account Root folder.
    3. Click the Rescan|Add Hosting Account Root Folders button.
    4. Turn Folder Lock On.

    Email and Dashboard Alert Settings
    Email and Dashboard Alerting option settings for Folder Lock are on the BPS Pro S-Monitor page.

    Troubleshooting
    If you upload/add or create a new folder in your Hosting Account Root folder and it is locked by Folder Lock do these steps below to unlock the folder and rescan your Hosting Account Root folder.
    1. Login to the website that has Folder Lock turned On.
    2. Check the Unlock checkbox for the folder you want to unlock and click the Submit button.
    3. Click the Rescan|Add Hosting Account Root Folders button.

    Additional Notes:
    1. On XAMPP when doing a CHMOD 0400 the Windows permissions show 0555 permissions, which basically does not mean anything since Windows permissions are different than Linux permissions. You cannot lock a file using CHMOD on Windows.
    2. If a new file is created in a folder then the Last Modified date of the folder will change to the time when that new file was created in that folder.

    #39555
    Technoogies
    Participant

    Thanks for the instructions, I disabled the Folder Lock.
    What I haven’t found yet is how to prevent specific items from being quarantined, whether in the site root or in a folder outside of the WP directory. Is there way to handle that on the AutoRestore page? Information? I have ADHD in a way that I have difficulty with much of the written instructions, not your problem though. Sometimes I miss the answer completely.
    Anyhow, where can I find this info to restrict items being quarantined?

    #39557
    AITpro Admin
    Keymaster

    I need to know the specific details of the problem so let’s start with this > Go to the Quarantine page > Quarantine Log page > copy your entire Quarantine Log file contents and post it in your forum reply.

    Also it may be helpful for you to read the top help section of the AutoRestore|Quarantine Guide forum topic to get familiar with the basics of how AutoRestore|Quarantine works.

    #39558
    Technoogies
    Participant

    Looks like the link you posted has the further detail I needed. Is all of your additional documentation is your forum only or do you have an online FAQ and user manual?

    Here’s an example from the quarantine log.

    [BPS Pro 14.9: non-WordPress Added File Quarantine Logged: November 15, 2020 2:04 am]
    Quarantined Filename: snapshots.php
    Quarantine Path: /home/XX/domains/technoogies.com/public_html/wp-content/bps-backup/quarantine/added-files/ssp-38d29b0c0c2b20b6a332996f249/includes/snapshots.php
    Restore Path: /home/XX/domains/technoogies.com/public_html/ssp-38d29b0c0c2b20b6a332996f249/includes/snapshots.php

    [BPS Pro 14.9: non-WordPress Added File AutoRestore Logged: November 15, 2020 7:00 pm]
    Quarantined Filename: error_log
    Quarantine Path: /home/XX/domains/technoogies.com/public_html/wp-content/bps-backup/quarantine/added-files//home/XX/domains/technoogies.com/public_html/error_log
    Restore Path: /home/XX/domains/technoogies.com/public_html/error_log

    #39559
    AITpro Admin
    Keymaster

    Ok yeah I thought that might be the issue/problem.  The AutoRestore Add Folders & Files feature works independently and completely differently than the standard AutoRestore features.  Also the Add Folders & Files feature is not included in the BPS Pro Setup Wizard.  So running the Setup Wizard does not backup Added Folders & Files since the Add Folders & Files feature is a completely independent feature.  The Add Folders & Files feature is explained in complete detail in the Add|Exclude Other Folders & Files Read Me help button on the Add|Exclude Other Folders & Files page.

    I recommend that you do not use the AutoRestore Add Folders & Files feature and remove all Added Folders & Files that you have added using the Remove Folders & Files tool.

    If you still want to use the Add Folders & Files feature then you will need to read through the help info in the Read Me help button on the Add|Exclude Other Folders & Files page.

    #39560
    Technoogies
    Participant

    On Add|Exclude Other Folders & Files page, is the “Add” button only for putting items external to the WordPress install as being monitored, and the “Exclude” button only for excluding content that is inside of the WordPress install from being monitored?

    So to be clear, you’re saying not to add the “ssp-38d29b0c0c2b20b6a332996f2498” folder with the Add|Exclude Other Folders & Files?
    Remove them from there if I’ve added them, and run the Setup Wizard instead?
    Will that keep this folder and its content from being quarantined?

    #39562
    AITpro Admin
    Keymaster

    Yep, that’s the general idea.  Here’s some more in-depth help info below from the Read Me help button on the Add|Exclude Other Folders & Files page. Yep, I recommend that you not use the Add Folders & Files feature and remove any Folders and files that you have added.  The Add Folders & Files feature is an independent feature that is not updated by the Setup Wizard.  Example:  If you want to add or remove folders and files you would add or remove them using the tools on the Add|Exclude Other Folders & Files page. Let’s say you Add a folder and then decide to add more files in that folder. You have to re-add that folder again since the Add Folders & Files feature is a completely independent and of course optional feature.

    Add Folders & Files Examples and Best Recommended Use – For non-WordPress Folders & Files ONLY

    Add Top Level Folder option
    This tool is ONLY for adding static files or static files that are dynamically updated – See NOTE above. Best Recommend use is to select the Add Top Level Folder option to add an entire non-WordPress folder to backup and to be checked by the ARQ Cron. Example: You have a Top Level non-WordPress Folder named orange. The folder path is /xxxxx/xxxxx/orange. You would select the Add Top Level Folder option and then enter the folder path to this folder /xxxxx/xxxxx/orange in the Enter an Add Folder or File Path text box and click the Add button. Additional Add options are Add a Specific Folder and Add An Individual File.

    Add A Specific Folder option
    This tool is ONLY for adding static files or static files that are dynamically updated – See NOTE above. Adding a specific folder can be used for adding ONLY a specific folder and all files in that specific folder – no subfolders of that specific folder will be added to backup and checked by the ARQ Cron. Example: You have a subfolder named orange-subfolder inside of the Top Level Folder named orange. The folder path is /xxxxx/xxxxx/orange/orange-subfolder. By adding only the specific folder orange-subfolder ONLY the files in that folder will be added to backup and checked by the ARQ Cron. Any files in the parent folder /xxxxx/xxxxx/orange/ will NOT be added to backup and be checked by the ARQ Cron and any subfolders of the /orange-subfolder will not be added to backup and checked by the ARQ Cron. Example: /xxxxx/xxxxx/orange/orange-subfolder/another-subfolder. The files in the /another-subfolder subfolder will not be backed up or checked by the ARQ Cron.

    Add An Individual File option
    Add an individual file will add just a single file to backup and be checked by the ARQ Cron. The most likely use for this would be if you are working on a particular file and you do not want the ARQ Cron to check it while you are working on it you would use the Remove Added Folders|Files Search tool to temporarily remove this file and after you are finished working on the file you would select the Add An Individual File option to add the file back to backup to be checked again by the ARQ Cron. You would enter the full path and filename in the Enter an Add Folder or File Path text box. Example: /xxxxx/xxxxx/orange/orange-subfolder/orange.php.

    Exclude Folders & Files Examples and Best Recommended Use – For WordPress Folders & Files ONLY

    Exclude An Individual File option
    Best Recommend use is to select the Exclude An Individual File option to exclude individual WordPress files ONLY from being checked by the ARQ Cron. Example Use: You have a plugin installed that regularly writes some content to a log file – /wp-content/plugins/example-plugin/Log-file.txt. Because the log file is being changed regularly the ARQ Cron will autorestore and quarantine that log file each time the file changes. To exclude that log file from being checked by the ARQ Cron you would select the Exclude An Individual File option and enter the path to the file that you want excluded in the Enter an Exclude Folder or File Path text box – /xxxxx/xxxxx/wp-content/plugins/example-plugin/Log-file.txt and click the Exclude button.

    Exclude A Specific Folder option – creates exclude rules for all files in a specific folder
    This tool is ONLY for excluding static files or static files that are dynamically updated – See NOTE above. Excluding a specific folder can be used for excluding all files in a specific WordPress folder ONLY – no files in subfolders of that specific folder will be excluded from being checked by the ARQ Cron. Example: You have a WordPress plugin subfolder named /wp-content/plugins/example-plugin/example-subfolder and you want to exclude all files in the entire folder /example-subfolder and all files in that specific folder from being checked by the ARQ Cron. You would select the Exclude A Specific Folder option and enter this path in the Enter an Exclude Folder or File Path text box – /xxxxx/xxxxx/wp-content/plugins/example-plugin/example-subfolder. By excluding only the specific folder /example-subfolder ONLY the files in that folder will be excluded from being checked by the ARQ Cron. Any files in the parent folder /xxxxx/xxxxx/wp-content/plugins/example-plugin will NOT be excluded from being checked by the ARQ Cron.

    Exclude Top Level Folder option – creates exclude rules for all files in all folders (top level and subfolders)
    This tool is ONLY for excluding static files or static files that are dynamically updated – See NOTE above. Use caution if you decide to use this option. Excluding a Top Level Folder means that all files in the WordPress folder that you choose and all files in the subfolders of that WordPress folder will be excluded from being checked by the ARQ Cron. Typically you should only need to exclude individual files that are repeatedly quarantined by the ARQ Cron, but if you are modifying several files in a WordPress folder then you could use this option to exclude the entire folder while you are modifying files in that folder and then use the Remove Excluded Folders|Files Search tool to remove the files from being excluded by the ARQ Cron check. Example: You are modifying several of your Theme files. You have a Top Level WordPress Folder named /xxxxx/xxxxx/wp-content/themes/my-theme and you want to exclude all subfolders and files from being checked by the ARQ Cron while you are modifying your Theme files. You would select the Exclude Top Level Folder option and then enter the folder path to this folder /xxxxx/xxxxx/wp-content/themes/my-theme in the Enter an Exclude Folder or File Path text box and click the Exclude button. After you are done modifying your Theme files you would FIRST backup your files by going to the AutoRestore|Quarantine Settings page and clicking the Backup Files button for the wp-content folder and then use the Remove Excluded Folders|Files Search tool to find and remove these files from being excluded from the ARQ Cron check.

    #39564
    AITpro Admin
    Keymaster

    Also the reason I recommend that you don’t use the Add Folders & Files feature is because you won’t need it. That feature was requested by someone many years ago.  I have not used it on any of my websites.  AutoRestore|Quarantine is the last line of security protection and it is extremely rare that a hacker gets that far through all the other layers of security protection in BPS Pro where ARQ has to do what it does – autorestore and quarantine files. If a hacker does make it through all the other layers of BPS Pro security protection the first place a hacker file/script is created is in the hosting account root folder, which is protected by default by AutoRestore|Quarantine. So the hacker’s file/script would be quarantined. At a later point a hacker would try to hide hacker files/scripts in other folders after the hacker had already established a foothold in the hosting account root folder.

    #39565
    Technoogies
    Participant

    Very good, thank you for your time.

Viewing 12 posts - 1 through 12 (of 12 total)
  • You must be logged in to reply to this topic.