Search causes 403 error

Home Forums BulletProof Security Pro Search causes 403 error

  • This topic has 3 replies, 3 voices, and was last updated 5 years ago by Todd.
Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #2571
    hcri50
    Participant
    BPS PRO SECURITY / HTTP ERROR LOG
    =================================
    =================================
    
    >>>>>>>>>>> 403 GET or Other Request Error Logged - March 6, 2013 - 9:13 pm <<<<<<<<<<<
    REMOTE_ADDR: 50.96.12.97
    Host Name: h97.12.96.50.dynamic.ip.windstream.net
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER: http://www.homesteadcentennialclass.com/how-to-contact-us/
    REQUEST_URI: /?s=Search+this+website...
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/536.26.17 (KHTML, like Gecko) Version/6.0.2 Safari/536.26.17
    #2574
    AITpro Admin
    Keymaster

    This issue is no longer an issue/problem in the most current versions of BPS and BPS Pro

    Your Theme MyCuisine has a search window that is displaying this:  Search This Website… as the default search window text.  When someone does not enter anything into the search window the search is performed using the default text which is triggering a 403 error because of the 3 dots:  …  Dots are a coding character and 3 dots together violates the BPS security filter below.

    You can either comment out this security filter in the BPS root .htaccess file or you can change the default text in the search window and remove the 3 dots.

    RewriteCond %{QUERY_STRING} (\.\./|\.\.) [OR]
    #2595
    hcri50
    Participant

    THANK YOU SO MUCH FOR HELPING ME ON THIS. I added that to the end of the  .htaccess in the root directory. And it solved my problem. YOU ARE FANTASTIC. Truly the best plugin 

    #28059
    Todd
    Participant

    I don’t have BPS Pro but I have a similar issue and this is the only thread I could find that addresses my issue with search. When someone adds an apostrophe in their search term: (example – Men’s Group) they receive the 403 page. I know I can comment this out in the root .htaccess file, but the ‘ and corresponding %27 appears in several locations. Is that how I am supposed to do it? Comment out all of these? It seems like that will make our site a lot less secure.

    
    [403 GET Request: February 2, 2016 - 11:49 am]
    Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
    Solution: N/A - Hacker/Spammer Blocked/Forbidden
    REMOTE_ADDR: 8.4.120.137
    Host Name: 8.4.120.137
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER: http://theinnerrevolution.org/
    REQUEST_URI: /?s=Men%27s+Group
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.28 Safari/537.36
    
    [403 GET Request: February 2, 2016 - 11:51 am]
    Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
    Solution: N/A - Hacker/Spammer Blocked/Forbidden
    REMOTE_ADDR: 8.4.120.137
    Host Name: 8.4.120.137
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER: http://theinnerrevolution.org/?s=Men+and+The+Inner+Revolution
    REQUEST_URI: /?s=Women%27s+
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.28 Safari/537.36

    Thanks!

     

Viewing 4 posts - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.