BPS js scripts blocked – 403 error

[Mohamad Hegazy]

hello,

good day as always!

i came to a strange medium issue, i know that BPS Pro is powerful but not to the point it deny its own css and js files 😀

i receive those into Security Log Alert

[403 GET Request: 5 April, 2018 - 10:05 am]
BPS Pro: 13.4.1
WP: 4.9.5
Event Code: PFWR-PSBR-HPRA
Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: ***.***.***.***
Host Name: host-***.***.***.***-static.tedata.net
SERVER_PROTOCOL: HTTP/1.0
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: https://mywebsite.com/wp-admin/
REQUEST_URI: /wp-content/plugins/bulletproof-security/admin/js/bps-arq-ajax.js?ver=13.4.1
QUERY_STRING: ver=13.4.1
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36

[403 GET Request: 5 April, 2018 - 10:05 am]
BPS Pro: 13.4.1
WP: 4.9.5
Event Code: PFWR-PSBR-HPRA
Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: ***.***.***.***
Host Name: host-***.***.***.***-static.tedata.net
SERVER_PROTOCOL: HTTP/1.0
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: https://mywebsite.com/wp-admin/admin.php?page=bulletproof-security/admin/core/core.php
REQUEST_URI: /wp-content/plugins/bulletproof-security/admin/js/bps-ui-tabs.js?ver=13.4.1
QUERY_STRING: ver=13.4.1
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36

[403 GET Request: 5 April, 2018 - 10:05 am]
BPS Pro: 13.4.1
WP: 4.9.5
Event Code: PFWR-PSBR-HPRA
Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: ***.***.***.***
Host Name: host-***.***.***.***-static.tedata.net
SERVER_PROTOCOL: HTTP/1.0
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: https://mywebsite.com/wp-admin/admin.php?page=bulletproof-security/admin/core/core.php
REQUEST_URI: /wp-content/plugins/bulletproof-security/admin/js/bps-arq-ajax.js?ver=13.4.1
QUERY_STRING: ver=13.4.1
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36

[403 GET Request: 5 April, 2018 - 10:05 am]
BPS Pro: 13.4.1
WP: 4.9.5
Event Code: PFWR-PSBR-HPRA
Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: ***.***.***.***
Host Name: host-***.***.***.***-static.tedata.net
SERVER_PROTOCOL: HTTP/1.0
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: https://mywebsite.com/wp-admin/admin.php?page=bulletproof-security/admin/core/core.php
REQUEST_URI: /wp-content/plugins/bulletproof-security/admin/js/bps-ui-accordion.js?ver=13.4.1
QUERY_STRING: ver=13.4.1
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36

[403 GET Request: 5 April, 2018 - 10:05 am]
BPS Pro: 13.4.1
WP: 4.9.5
Event Code: PFWR-PSBR-HPRA
Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: ***.***.***.***
Host Name: host-***.***.***.***-static.tedata.net
SERVER_PROTOCOL: HTTP/1.0
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: https://mywebsite.com/wp-admin/admin.php?page=bulletproof-security/admin/core/core.php
REQUEST_URI: /wp-content/plugins/bulletproof-security/admin/js/bps-ui-dialog.js?ver=13.4.1
QUERY_STRING: ver=13.4.1
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36

[403 GET Request: 5 April, 2018 - 10:05 am]
BPS Pro: 13.4.1
WP: 4.9.5
Event Code: PFWR-PSBR-HPRA
Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: ***.***.***.***
Host Name: host-***.***.***.***-static.tedata.net
SERVER_PROTOCOL: HTTP/1.0
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: https://mywebsite.com/wp-admin/admin.php?page=bulletproof-security%2Fadmin%2Fcore%2Fcore.php
REQUEST_URI: /wp-content/plugins/bulletproof-security/admin/js/bps-ui-tabs.js?ver=13.4.1
QUERY_STRING: ver=13.4.1
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36

any possible thought’s would be great!

Thank you!

[AITpro Admin]

The 403 errors are being caused by either outdated Proxy software that needs to be upgraded or a misconfigured Proxy server, which is causing the Plugin Firewall to block BPS js scripts.  The Security Log entries show the Server Protocol is HTTP/1.0, which indicates that a Proxy is involved in this problem.  Try the steps below.  If they do not work then contact your web host support and ask them to either update your Proxy software to Server Protocol HTTP/1.1 or HTTP/2 or fix the Proxy configuration issue or you can deactivate/not use the Plugin Firewall.

https://forum.ait-pro.com/forums/topic/plugin-firewall-read-me-first-troubleshooting/

Fix all general Plugin Firewall issues/problems and Proxy server configuration mistakes:
Note this fix also applies to using a VPN|Proxy when you are logged into your website.
Additional steps to fix both general Plugin Firewall issues/problems and to compensate for an additional Proxy server configuration mistake (whitelist the Proxy IP Address). Note: This only applies to Proxy server issues/problems. Use the steps above unless specifically instructed to use these steps below to fix/whitelist a Proxy server IP address problem.

1. Go to the BPS Security Log page and click the Delete Log button to delete your current Security Log file contents.
2. Go to the Plugin Firewall page.
3. Click the Plugin Firewall Additional Whitelist Tools accordion tab.
4. Enter Proxy server IP address: xxx.xxx.xxx.xxx in the Whitelist by Hostname (domain name) and IP Address text box.
5. Click the Save Hostname and IP Address Rules button.
6. Click the Plugin Firewall BulletProof Mode Deactivate button.
7. Delete (or cut if you want to add your existing whitelist rules back into the Plugins Script|File Whitelist Text Area) all of your Plugin Firewall whitelist rules out of the Plugins Script|File Whitelist Text Area.
8. Click the Save Whitelist Options button.
9. Click the Plugin Firewall Test Mode button.
10. Check your site pages by clicking on all main website pages: contact form page, home page, login page, etc.
11. Recheck the Plugins Script|File Whitelist Text Area (after 1 minute) and you should see new Plugin Firewall whitelist rules have been created.
12. Change the AutoPilot Mode Cron Check Frequency to 15 minutes or whatever frequency time you would like to use.
13. Click the Plugin Firewall Activate button.

[Mohamad Hegazy]

ummmm i’ll follow the steps and keep you updated, thank you!

but for curiosity dose it have anything that i have 219 rule in the plugin white list rule

also when clicking on setup wizard the second one it took too long around three minutes to complete and some time connection disconnected, do you know any way to improve it ?

[AITpro Admin]

Yep, let me know what happens after doing the steps.  This is a known issue that I have seen about 20 or more times over the last 7 years.  What does “i have 219 rule in the plugin white list rule” mean?  Are saying you have 219 whitelist rules in the “Plugins Script|File Whitelist Text Area” box?  If so, that would most likely mean you have a lot of plugins installed on this site.

For the Setup Wizard issue I’m guessing you have a VPS or Dedicated server because the Plugin Firewall Proxy issue occurs 99.99% of the time on VPS or Dedicated servers.  There is a known issue/problem with the Setup Wizard cURL scan option on VPS and Dedicated servers.  Go to the Setup Wizard Options tab page > cURL Scan Option: Turn On|Off cURL Scan > choose cURL Scan Off > click the Save cURL|DB Monitor Options button.  Run the Pre-Installation Wizard and Setup Wizard again.

Other possible causes:  You have an extremely large amount of files that need to be backed up to ARQ backup when the Setup Wizard runs.  You can check your ARQ backup file count/numbers on the AutoRestore page.  The average number of ARQ backup files is:  Root Files:  25-100, wp-admin Files:  530-550, wp-includes Files: 800-900, wp-content Files:  100-3000.  If you have more than 5,000 wp-content backup files then the Setup Wizard will take significantly longer to backup those wp-content files to ARQ backup.

[Mohamad Hegazy]

followed the instructions and it worked! Thank You, what iv’e done

1- deleted the logs
2- deactivated plugin firewall and cut the whitelisted rules  and saved it
3- i run test mode for 1 min and stopped it, i pasted my rules again and saved it.
4- i run setup wizard again and now it works, if it happens again i will check what last action triggered such a wired senario.

lastly i’m in siteground go geek plan, planning to move into their cloud package if my requirement increased.

last hting i noticed when i deleted any log file and tried to reset last time in db, it refresh the page but nothing happens, i tried to do it again 3 or 3 times and nothing happens, if i left it for a while and tried again it works i guess, so did you came by such a glitch before?

[AITpro Admin]

Great! Glad that worked.

Was this problem happening before you fixed the Plugin Firewall problem? If so, then it was caused by the Proxy/Plugin Firewall problem. If the problem is still occurring then I really have no idea what would cause that.

[Author]

Posts