Cron Job not working – 403 error

Home Forums BulletProof Security Free Cron Job not working – 403 error

This topic contains 4 replies, has 2 voices, and was last updated by  ivan 2 months, 1 week ago.

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #37740

    ivan
    Participant

    hello, my cron job doesn’t work.

    I was also reading about a similar problem on this fore, but I couldn’t fix it.

    Please, what code should I put into CUSTOM CODE BPSQSE BPS QUERY STRING EXPLOITS: Modify Query String Exploit code here ?

    [403 GET Request: 07/08/2019 - 15:04]
    BPS: 3.1
    WP: 4.9.10
    Event Code: WPADMIN-SBR
    Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
    REMOTE_ADDR: GDPR Compliance On
    Host Name: 62.197.243.15
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_CLIENT_IP: GDPR Compliance On
    HTTP_FORWARDED: GDPR Compliance On
    HTTP_X_FORWARDED_FOR: GDPR Compliance On
    HTTP_X_CLUSTER_CLIENT_IP: GDPR Compliance On
    REQUEST_METHOD: GET
    HTTP_REFERER: https://www.EXAMPLE.sk/wp-admin/admin.php?page=zasilkovna&form=pl
    REQUEST_URI: /wp-admin/admin.php?page=zasilkovna&form=pl&check=ok%27;%20?%3E
    QUERY_STRING: page=zasilkovna&form=pl&check=ok%27;%20?%3E
    HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0

    Thank you for your response

    #37741

    AITpro Admin
    Keymaster

    The Security Log entry that you posted does not look like a typical log entry for a blocked Cron Job.  So it may just look different or maybe this is a separate/different problem.  What is being blocked in the Security Log entry that you posted is the single quote code character: %27 or ' and the angle bracket code character: %3E or >.  Try using the Query String whitelist rule for the wp-admin htaccess file below and let me know if that works or not.

    1. Copy the wp-admin htaccess code below into this BPS wp-admin Custom Code text box: 3. CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES
    2. Click the save wp-admin Custom Code button.
    3. Go to the Security Modes page and click the wp-admin folder BulletProof Mode Activate button.
    Important Note:  If you are already have an existing Skip rule (S=2) in the 3. CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES text box then add your new Cron Job Query String skip/bypass rule above the existing S=2 skip rule and change the Skip rule number to: S=3.

    # Custom Cron Job Query String skip/bypass rule
    RewriteCond %{QUERY_STRING} page=zasilkovna(.*) [NC]
    RewriteRule . - [S=2]
    #37742

    ivan
    Participant

    Hi,

    i add this code and not save in htacess..

    http://screenshot.cz/G2/G2TYA/code.png
    after saving, show me a white page in the administration and the changes will not be saved.
    I tried to turn on php error and show nothing.

    #37743

    AITpro Admin
    Keymaster

    Sounds like a very common Mod Security problem: https://forum.ait-pro.com/forums/topic/mod-security-common-known-problems/. Note: We are currently working on changing several of the forms in BPS and BPS Pro since the Mod Security problem is an ongoing problem that is continuing to get worse over time.

    You really do not need the BPS wp-admin htaccess file (wp-admin BulletProof Mode). We added that many years ago for 2 reasons: A significant number of people requested it and some web hosts for whatever reason required that a wp-admin htaccess file existed if BPS Root BulletProof Mode was activated. So go ahead and deactivate wp-admin BulletProof Mode on the Security Modes page and let me know if that workaround solution solves the problem. Note: Mod Security is also known to break other things in BPS. See the link above for other problems caused by Mod Security.

    #37744

    ivan
    Participant

    Good day,I have found what the problem is and why blocks url.

    /wp-admin/admin.php?page=zasilkovna&form=pl&check=ok'; ? >

    convert to:

    /wp-admin/admin.php?page=zasilkovna&form=pl&check=ok%27;%20?%3E

    and correctly url is:

    /wp-admin/admin.php?page=zasilkovna&form=pl

    and working.

    the problem was in the plugin not in Bulletproof.
    Well thank you

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.