Cloudflare – Login Security and Plugin Firewall not working

Home Forums BulletProof Security Pro Cloudflare – Login Security and Plugin Firewall not working

Tagged: 

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • June 27, 2019 at 9:19 am #37603
    AITpro Admin
    Keymaster

    Problem:  Cloudflare breaks the BPS Pro Plugin Firewall, which in turn breaks BPS Pro Login Security and other things.  Important Note:  This only appears to be caused by installing WordPress Cloudflare plugins and not when installing Cloudflare from your web host control panel or directly from the Cloudflare website.

    Solution:  Copy the Cloudflare IP address Range htaccess code below into the Plugin Firewall > Plugin Firewall Additional Whitelist Tools > Whitelist by Hostname (domain name) and IP Address text box > click the Save Hostname and IP Address Rules button > click the Plugin Firewall Activate button.

    cloudflare.com, 173.245.48.0/20, 103.21.244.0/22, 103.22.200.0/22, 103.31.4.0/22, 141.101.64.0/18, 108.162.192.0/18, 190.93.240.0/20, 188.114.96.0/20, 197.234.240.0/22, 198.41.128.0/17, 162.158.0.0/15, 104.16.0.0/12, 104.24.0.0/14, 172.64.0.0/13, 131.0.72.0/22, 2400:cb00::/32, 2606:4700::/32, 2803:f800::/32, 2405:b500::/32, 2405:8100::/32, 2a06:98c0::/29, 2c0f:f248::/32
    September 22, 2019 at 4:32 am #37930
    AbZu2
    Participant

    Thanks

    April 2, 2020 at 1:47 am #38826
    Benito
    Participant

    Not working on Debian and apache2.4 because Rewritecond not accepting this kind of CIDR notation.

    I made 3 changes on 3 files :
    admin/wizard/swizard-functions.php
    admin/core/core-forms.php
    includes/firewall-autopilot.php

    Modifications :

    $allow_whiteList[] .= 'RewriteCond %{REMOTE_ADDR} !^' . $allow_Value . '$' . "\n";
->
$allow_whiteList[] .= 'RewriteCond expr "! -R \'' . $allow_Value . '\'"' . "\n";

    Now, cloudflare IPs are OK

    April 2, 2020 at 11:22 am #38829
    AITpro Admin
    Keymaster

    @ Benito – You would have to make these same modifications each time you upgraded BPS Pro.  Not huge deal I guess, but probably figuring out why your particular server configuration is not working with the standard BPS Pro code would be a better route to take in the long run.  I’m guessing this is some kind of httpd.conf configuration issue somewhere or maybe the other Apache conf files.  In general that standard BPS Pro code works fine for most people.  I don’t have a lot of spare time these days with everything going on to look into this.

    Maybe try doing Google searches for: Apache httpd.conf config + CIDR for starters and then of course do variations of that search term to find the server config solution.

  • Author
    Posts
Viewing 4 posts - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.