Contact Form 7 File Attachment not being uploaded

Home Forums BulletProof Security Pro Contact Form 7 File Attachment not being uploaded

Tagged: 

Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • October 13, 2016 at 11:40 pm #31159
    AW
    Participant

    Greetings,

    I just fix up Contact Form 7 with a ” file attachment ” capabilities.
    The whole form works perfectly, but however the ” attached file ” could not send to my hosting folder.

    1. I read instructions from WPCF7, I do enable execute read and write ( 7,7,7 ) permission in the WPFC uploaded folder. (Read me :http://contactform7.com/file-uploading-and-attachment/) But it could not solve the problem.

    2. There’s an .htaccess file in uploads/wpfc7 folders and its written ( Deny From All ). Could there be any setting on .htaccess that i need to deal with? Here’s my website :- http://maincuisine.com/post-free-ads/

    Please advise, thanks.
    Regards,
    Alex Wong

    October 14, 2016 at 9:01 am #31162
    AITpro Admin
    Keymaster

    Do BPS Pro troubleshooting step #4:  http://forum.ait-pro.com/forums/topic/read-me-first-pro/#bps-pro-general-troubleshooting  Test attaching a file.  Check your Security Log for any Security Log entries related for form file attachments and post it in your reply if you find any Security Log entries.

    October 14, 2016 at 4:28 pm #31175
    AW
    Participant

    Hi Bps,
    TEST 1
    I tried the steps from 1 – 4
    1. On the Security Modes page, click the Root Folder BulletProof Mode Deactivate button. See Custom Code Note if doing this step works.
    2. On the Security Modes page, click the wp-admin Folder BulletProof Mode Deactivate button.  See Custom Code Note if doing this step works.
    3. On the Security Modes page, click the Plugin Firewall BulletProof Mode Deactivate button.
    4. On the Security Modes page, click the UAEG BulletProof Mode Deactivate button.

    I tried to upload files via WPCF7 > Successful send

    • The attached files does not show in the default folder of WPCF7 ( /public_html/xxxxxx/wp-content/uploads/wpcf7_uploads )
    • There’s a .htaccess files in ” wpcf7_uploads ” and i open it via code editor(cpanel) it written ” Deny from all “
    • The Permission I had set for ” wpcf7_uploads ” is  ” 7,7,7 “

    My BPS Security Logs does not show any errors ( sorry to bombard a bit of the logs for your reference ) :-

    [403 GET Request: October 11, 2016 2:00 pm]
Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
Solution: N/A - Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 89.190.42.7
Host Name: 89.190.42.7
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER:
REQUEST_URI: /wp-content/plugins/user-avatar/readme.txt
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.0; WOW64) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.66 Safari/535.11

[403 GET Request: October 11, 2016 2:01 pm]
Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
Solution: N/A - Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 89.190.42.7
Host Name: 89.190.42.7
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER:
REQUEST_URI: /wp-content/plugins/topquark/readme.txt
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_0) AppleWebKit/536.3 (KHTML, like Gecko) Chrome/19.0.1063.0 Safari/536.3

[403 GET Request: October 11, 2016 2:01 pm]
Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
Solution: N/A - Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 89.190.42.7
Host Name: 89.190.42.7
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER:
REQUEST_URI: /wp-content/plugins/wp-seo-spy-google/readme.txt
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.11 (KHTML, like Gecko) Ubuntu/10.10 Chromium/17.0.963.65 Chrome/17.0.963.65 Safari/535.11

[403 GET Request: October 13, 2016 10:20 am]
Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
Solution: N/A - Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 182.239.55.14
Host Name: 182.239.55.14
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER:
REQUEST_URI: /wp-content/plugins/genesis-simple-defaults/readme.txt
QUERY_STRING:
HTTP_USER_AGENT: Empty User Agent

    TEST 2
    Then I Re-activate all the Steps 4 above that you recommend, it seems like there’s a highlight on ” Whitelist ” rules
    Error: One or more of your Whitelist rules are not valid
    Click on the Plugin Firewall Whitelist Tools accordion tab and correct/fix any invalid plugin whitelist rules in the Plugins Script|File Whitelist Text Area.
    Edit your Whitelist rules and correct whitelist rules that contain any of these invalid things:
    ver=, page=, src=, www, http, https, href, .com, .net, .org, .biz, .info, .gov, .edu and
    click the Save Whitelist Options button and activate the Plugin Firewall again.
    Valid plugin Whitelist rules MUST use ONLY this Format: /plugin-folder-name/plugin-script.js, /plugin-folder-name/(.*).js. Plugin paths/scripts are separated by a comma and a single space.

    In the “Plugins Script|File Whitelist Text Area”:-

    /akismet/_inc/form.js, /jetpack/modules/wpgroho.js, /contact-form-7/includes/js/jquery.form.min.js, /jetpack/modules/photon/photon.js, /contact-form-7/includes/js/scripts.js, /mts-wp-google-translate/public/js/wp-google-translate-public.js, /wp-fastest-cache/js/schedule.js, /wp-fastest-cache/js/toolbar.js, /jetpack/modules/related-posts/related-posts.js, /better-analytics/js/loader.php?ver=1.1.4.js, /bbpress/templates/default/js/editor.min.js, /jetpack/modules/sharedaddy/sharing.js, /wp-random-button/js/functions.js

    Appreciate your help and looking forward for your advise.
    Regards,
    Alex

    October 14, 2016 at 5:43 pm #31176
    AITpro Admin
    Keymaster

    Ok so the file attachment upload problem is not related to or being caused by BPS then.  You will need to contact the Contact Form 7 plugin author to figure out what the problem is.  The first obvious possible problem that you should check is that you have entered a valid path to the /wpcf7_uploads/ folder. We do not use Contact Form 7 on any our sites. I have no idea what settings are in that plugin. So I can’t really help you with that.

    BPS only creates an htaccess file in the root /uploads/ folder.  So the other htaccess file in the /wpcf7_uploads/ is probably created by the Contact Form 7 plugin.

    The Security Log entries are fine and not a problem.  The Plugin Firewall blocks external access to all plugin readme.txt files.  Hackers probe for these files to find out which plugins you have installed. The BPS Pro Plugin Firewall blocks the hacker probes.

    The Plugin Firewall whitelist rule that is not valid is this one:  /better-analytics/js/loader.php?ver=1.1.4.js. Remove/delete the Query string code: ?ver=1.1.4.js, resave your whitelist rules and activate the Plugin Firewall again.

    October 18, 2016 at 4:40 am #31204
    AW
    Participant

    Hi,

    I solved the Contact form 7, instead of saving it in my hosting folder, i direct it to send to my email. Thanks for the Wp Plugin errors and it solved!

    Now I encounter another strange issue. Here’s my website : http://www.maincuisine.com
    Error:-
    Error 1
    I realized that the ” Select Language ” at the bottom left ( Available only for desktop ) – was not responding.
    Error 2
    The drop down button on Menu section – Next to ” Trending ” is not responding as well. Could there be any js block or something ?
    Herewith i attached together with the Whitelist :-

    /akismet/_inc/form.js, /jetpack/modules/wpgroho.js, /contact-form-7/includes/js/jquery.form.min.js, /jetpack/modules/photon/photon.js, /contact-form-7/includes/js/scripts.js, /mts-wp-google-translate/public/js/wp-google-translate-public.js, /wp-fastest-cache/js/schedule.js, /wp-fastest-cache/js/toolbar.js, /jetpack/modules/related-posts/related-posts.js, /better-analytics/js/loader.php, /bbpress/templates/default/js/editor.min.js, /jetpack/modules/sharedaddy/sharing.js, /wp-random-button/js/functions.js

    The google translate.js is in the whitelist as well. Any ideas?

    Regards,
    Alex

    October 18, 2016 at 8:41 am #31206
    AITpro Admin
    Keymaster

    BPS Pro troubleshooting steps are always the same for every/any possible issues/problems to confirm or eliminate that BPS Pro is causing a problem or to isolate which BPS Pro security feature is causing a problem.  Do the BPS Pro troubleshooting steps here and test things:  http://forum.ait-pro.com/forums/topic/read-me-first-pro/#bps-pro-general-troubleshooting and check your BPS Pro Security Log for any log entries related to what is not working.

    November 10, 2019 at 10:32 pm #38153
    Alex Laxton
    Participant

    Thanks for the solution, but when I am adding Contact form 7 I am not getting such type of error, so I am thankful for a solution but for Future if error comes I will go through this solution.

  • Author
    Posts
Viewing 7 posts - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.