BPS Pro Firewall Whitelisting

  • #3826
    Paul D.
    Participant

    If I need to manually add different paths of different plugins in the whitelist window, do I need to put a comma (or other separation method) between those paths? Or do I just need to paste each one on the next line without adding separators?

    Thanks in advance.

    #3832
    AITpro Admin
    Keymaster

    The format is comma and space between all plugin scripts in the Plugin Firewall Whitelist Text Area.  /plugin-name/plugin-script.js, /another-plugin-name/another-plugin-script.js, /another-plugin-name/another-plugin-script.js

    Not sure what you mean by “need to manually add different paths of different plugins”.  Please post examples.

    #3848
    Paul D.
    Participant

    That’s exactly what I meant in your examples. But instead of going over the firewall testing, I can see errors in Security logs and sometimes in PHP error logs, and I know (from reading posts here) that I need to add those js and php paths to the firewall whitelist.

    Examples:

    /plugin-name/blabla.php, /another-plugin-name/another-plugin-script.js, /another-plugin-name/wootwoot.php

    Do I need to add the forward slash at the beginning of the path(s) ?

    #3853
    AITpro Admin
    Keymaster

    The error log entries you sent me indicated that these errors possibly occurred by exiting Test Mode during testing for plugin scripts to whitelist.  Have you activated the Plugin Firewall?  If so, are errors continuing to be logged?  If they are continuing to be logged then add those plugin scripts.  If they are not continuing to be logged then they do not need to be added to the Plugin Firewall whitelist.

    Yes, the forward slash is required.

    #3855
    Paul D.
    Participant

    I have the habit of deleting Security Errors and PHP Errors then resetting the Last Modified time. I’ll try to replicate the error(s) and will get back to you asap.

    My example above is not the actual error but the format (with comma and forward slash) that I was trying to ask about at the beginning of this thread.

    Thanks for clarifying the need for forward slash and comma separator.

    #3856
    AITpro Admin
    Keymaster

    Oops, I thought I was answering another similar Forum Topic.  Disregard this:  “The error log entries you sent me indicated that these errors possibly occurred by exiting Test Mode during testing for plugin scripts to whitelist.”  And any plugin script errors you see in your error log, add them to the Plugin Firewall whitelist.

    #3857
    Paul D.
    Participant

    I thought so too hehe.

    Anyway, here are the Security 403 error log entries when I tried to create a page in WordPress. (I trimmed it down to the specific URI.)

    REQUEST_URI: /wp-content/plugins/wp-rss-aggregator/js/custom.js?ver=3.5.1
    REQUEST_URI: /wp-content/plugins/wp-rss-aggregator/js/jquery.colorbox-min.js?ver=3.5.1
    REQUEST_URI: /wp-content/plugins/gls3protection/scripts/graybox/AJS.js
    REQUEST_URI: /wp-content/plugins/gls3protection/scripts/datetimepicker.js
    REQUEST_URI: /wp-content/plugins/wp-seo-images/assets/js/admin.js?ver=3.5.1
    REQUEST_URI: /wp-content/plugins/gls3protection/scripts/graybox/AJS_fx.js
    REQUEST_URI: /wp-content/plugins/gls3protection/scripts/graybox/gb_scripts.js
    REQUEST_URI: /wp-content/plugins/gls3protection/scripts/jquery-1.3.3.2.js
    REQUEST_URI: /wp-content/plugins/gls3protection/scripts/jquery.colorbox.js

    I can see that it involves 3 plugins.

    1. WP RSS Aggregator
    2. S3 Secure Download (gls3protection)
    3. WP SEO Images

    So, I assume I need to add those paths above (i.e.: /plugin_name/folder/file.extension without the version numbers) to the firewall whitelist.

    *EDIT

    Those security errors came up when I asked my friend to access the page I created. Remote testing.

    #3858
    AITpro Admin
    Keymaster

    You can use Regular Expressions (Regex) to reduce and simplify your whitelist rules.  Also this is a good idea when plugin js scripts contain a version number since that might change in a later version of the plugin.

    /gls3protection/scripts/(.*).js – means match all js scripts in the  /wp-content/plugins/gls3protection/scripts/ folder.

    /wp-rss-aggregator/js/(.*).js – means match all js scripts in the /wp-content/plugins/wp-rss-aggregator/js/ folder.

    So you would end up with these plugin script whitelist rules.

    /wp-seo-images/assets/js/admin.js, /gls3protection/scripts/(.*).js, /wp-rss-aggregator/js/(.*).js

     

     

    #3862
    Paul D.
    Participant

    Awesome !  Now, I learned something new.

    Your help is very much appreciated !
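
Added example (not part of the thread and not BPS Pro code): a Python check that turns the logged REQUEST_URI values from post #3857 into whitelist entries and confirms that the rules from post #3858 cover them. It assumes each entry is applied as an unanchored regular expression to the path below /wp-content/plugins; the function names are hypothetical.

```python
import re

PLUGINS_PREFIX = "/wp-content/plugins"
# REQUEST_URI values copied from the 403 log entries quoted in the thread.
LOGGED_URIS = [
    "/wp-content/plugins/wp-rss-aggregator/js/custom.js?ver=3.5.1",
    "/wp-content/plugins/wp-rss-aggregator/js/jquery.colorbox-min.js?ver=3.5.1",
    "/wp-content/plugins/gls3protection/scripts/graybox/AJS.js",
    "/wp-content/plugins/gls3protection/scripts/datetimepicker.js",
    "/wp-content/plugins/wp-seo-images/assets/js/admin.js?ver=3.5.1",
    "/wp-content/plugins/gls3protection/scripts/graybox/AJS_fx.js",
    "/wp-content/plugins/gls3protection/scripts/graybox/gb_scripts.js",
    "/wp-content/plugins/gls3protection/scripts/jquery-1.3.3.2.js",
    "/wp-content/plugins/gls3protection/scripts/jquery.colorbox.js",
]
# Whitelist text as given in the thread: comma and space between entries.
WHITELIST_TEXT = ("/wp-seo-images/assets/js/admin.js, "
                  "/gls3protection/scripts/(.*).js, /wp-rss-aggregator/js/(.*).js")

def to_entry(request_uri):
    """Drop the ?ver= query string and the plugins prefix: '/plugin/path/file.js'."""
    path = request_uri.split("?", 1)[0]
    if not path.startswith(PLUGINS_PREFIX + "/"):
        raise ValueError("not a plugin script: " + request_uri)
    return path[len(PLUGINS_PREFIX):]

def parse_whitelist(text):
    """Split the text area content and enforce the required leading slash."""
    rules = [r.strip() for r in text.split(",") if r.strip()]
    bad = [r for r in rules if not r.startswith("/")]
    if bad:
        raise ValueError("entries missing leading slash: " + ", ".join(bad))
    return rules

def covering_rule(entry, rules):
    """Return the first rule matching the entry (assumed: unanchored regex)."""
    for rule in rules:
        if re.search(rule, entry):
            return rule
    return None

def uncovered(uris, rules):
    """Logged scripts that no whitelist rule matches, as whitelist entries."""
    entries = {to_entry(u) for u in uris}
    return sorted(e for e in entries if covering_rule(e, rules) is None)

if __name__ == "__main__":
    print(uncovered(LOGGED_URIS, parse_whitelist(WHITELIST_TEXT)))
```

Under Python's regex semantics, `(.*)` also spans subfolders such as `graybox/`, and the unescaped dot in `.js` matches any character, so the same rule also matches a constructed path like `/gls3protection/scripts/data.json`.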
