Curation Traffic plugin 403 error

Home Forums BulletProof Security Pro Curation Traffic plugin 403 error

Tagged: , ,

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • January 2, 2014 at 10:32 am #12178
    AITpro Admin
    Keymaster

    Email Question:

    I’m trying to figure out how to set things up to get the Curation Traffic plugin to work, but keep getting errors from BPS Pro. After trying several other approaches, like changing the .htaccess file in the ROOT folder, I realized maybe I should change things in the WP-ADMIN and PLUGINS folders, so I have now done the following:

    1. deleted the .htaccess file from the plugins directory, and
    2. added the following code to the WP-ADMIN directory

    CUSTOM CODE WPADMIN TOP:

    <FilesMatch "curate-this\.(php)$">
Order Allow,Deny
Allow from all
</FilesMatch>

    But even with these changes, I’m still getting the following error:

    BPS PRO SECURITY / HTTP ERROR LOG
=================================
=================================

>>>>>>>>>>> 403 GET or HEAD Request Error Logged - January 2, 2014 - 10:27 am <<<<<<<<<<<
REMOTE_ADDR: [ip address removed for privacy]
Host Name: [host named removed for privacy]
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP: 
HTTP_FORWARDED: 
HTTP_X_FORWARDED_FOR: 
HTTP_X_CLUSTER_CLIENT_IP: 
REQUEST_METHOD: GET
HTTP_REFERER: [domain name removed for privacy]/2014/01/02/fallouts-classic-catalogue-removed-from-gog-due-to-rights-issue/
REQUEST_URI: /blog/wp-admin/curate-this.php?u=http%3A%5C%2F%5C%2F[domain name removed for privacy]%5C%2F2014%5C%2F01%5C%2F02%5C%2Ffallouts-classic-catalogue-removed-from-gog-due-to-rights-issue%5C%2F&t=Fallout%27s%20classic%20catalogue%20removed%20from%20GOG%20due%20to%20rights%20issue%20%7C%20PC%20Gamer&s=&v=4
QUERY_STRING: 
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36

    Do I have the FilesMatch syntax correct?, and/or can you help me determine what I am doing wrong? Or if there is some conflict between the plugins? Thanks for any info.

    January 2, 2014 at 10:37 am #12179
    AITpro Admin
    Keymaster

    The Request URI shows that this plugin is simulating an RFI hacking attempt against your website, which BPS Pro is blocking.  To allow/whitelist this script on your website in the wp-admin htaccess file/wp-admin Custom Code add this skip/bypass rule to wp-admin Custom Code.

    1. Add the skip/bypass rule below to this wp-admin Custom Code text box:  

    # Curation Traffic plugin curate-this.php skip/bypass rule
RewriteCond %{REQUEST_URI} (curate-this\.php) [NC]
RewriteRule . - [S=2]

    2.  Click the Save wp-admin Custom Code button.

    3.  Go to the Security Modes page and activate wp-admin BulletProof Mode again.

  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.