cURL Multi Page Scanner

Home Forums BulletProof Security Pro cURL Multi Page Scanner

Tagged: 

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • April 10, 2013 at 2:29 pm #4065
    AITpro Admin
    Keymaster

    Email Question:

    It worked with the cURL page scanner. When i test my sites i get 302 and 403 error with the jquery http: //tools.pingdom.com/fpt/#!/Js1hgUeJN/http://[domain name removed for privacy]

    /woodojo/bundled/woodojo-tabs/assets/js/functions.js, /woocommerce/assets/js/frontend/add-to-cart.min.js, /woocommerce/assets/js/frontend/cart.min.js, /woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js, /woocommerce/assets/js/frontend/woocommerce.min.js, /woocommerce/assets/js/jquery-cookie/jquery.cookie.min.js, /woocommerce/assets/js/frontend/cart-fragments.min.js, /woocommerce/assets/js/jquery-placeholder/jquery.placeholder.min.js

    i placed this in my white list code area. Or do i need to place this in the custom code area

    April 10, 2013 at 2:39 pm #4066
    AITpro Admin
    Keymaster

    When I try to check your website I see this – This website is currently in maintenance mode.  So I cannot scan it.  Another way to check what plugin scripts are being blocked by the Plugin Firewall is to use the Firefox Browser and install Firebug and Firephp.  Any plugin scripts that are generating 403 errors will be displayed in Firebug and you can just add that plugin script manually to the Plugin Firewall Whitelist Text area.

    You can regular expressions for plugin script whitelist rules.  (.*) means match anything.

    /woodojo/bundled/woodojo-tabs/assets/js/functions.js, /woocommerce/assets/js/(.*).js

    For instructions on manually adding plugin scripts you can either click on the Plugin Firewall Blue Read Me help button or click the Forum link below.  http://forum.ait-pro.com/forums/topic/plugin-firewall-read-me-first-troubleshooting/

    April 10, 2013 at 3:09 pm #4068
    AITpro Admin
    Keymaster

    Email Reply:

    Thank you for your update, i have attached a .png of scripts from another of my sites with the same problem. My theme developer brought this to my attention using firebug. I placed the scripts in the whitelist area but i still get errors. the errors go away when i delete the .htaccess from the plugin folder.

    Answer:

    Most likely you have not completed all the setup steps for your Plugin Firewall.  Please see the Plugin Firewall Blue Read Me help button for the Plugin Firewall setup steps.  Also your screenshot shows additional plugin scripts that need to be added to your Plugin Firewall Whitelist.

    April 10, 2013 at 3:22 pm #4070
    Joshua Wilson
    Participant

    I looked at the blue button, does the test mode need to be activated to word correctly? Other than that im doing everything correctly.

    April 10, 2013 at 3:35 pm #4071
    AITpro Admin
    Keymaster

    Test Mode does not work correctly on your website/Server for one of the reasons I mentioned before so you will have to use an alternative method.  Using Google Chrome Developer tools or Firefox Firebug usually works fine.  Below are the additional plugin scripts you need to whitelist on your website.  The yellow hightlighted help text is the help info for manually adding plugin scripts to the Plugin Firewall.

    /woocommerce-grid-list-toggle/assets/js/(.*).js, /wpw_website_pet/js/(.*).js, /woodojo/bundled/woodojo-tabs/assets/js/functions.js

    How To Add Plugin Script/File Names Manually
    The Plugin Firewall blocks external/remote access to plugin files that are located in the plugins folder. If you have a script/file outside of the plugins folder then you do not need to Whitelist it.

    If you have a Payment Gateway Provider script/file (A PayPal IPN script for example) that is located in a plugin in your plugins folder then you should manually add that script/file name to Plugins Script/File Whitelist Text Area. Example: /some-example-plugin/api/paypal-ipn-script.php. To add this example script/file name to the Plugins Script/File Whitelist Text Area you would add it after any other scripts/files in the Plugins Script/File Whitelist Text Area separated by a comma and a space between each plugin script/file path that you add. Click the Save Whitelist Options button to save your plugin scripts and then activate Plugin Firewall BulletProof Mode.

    NOTE: Each plugin script/file path that you add MUST be separated by a comma and a space. Example: /some-example-plugin/api/paypal-ipn-script.php, /another-example-plugin/some-example-script.php. The path name starts with the plugin folder name (do not add /wp-content in the path name). After manually adding your script/file name path to the Plugins Script/File Whitelist Text Area you would then click the Save Whitelist Options button to save your Whitelist data to your database and activate Plugin Firewall BulletProof Mode.

    NOTE/Example: If you create a Buy Now button on the PayPal site then most likely you will have added the path to where the PayPal transaction script/file is on your website to the PayPal site when creating your Buy Now button to tell PayPal where to send your payment transaction data. This would be the script/file path (/some-example-plugin/api/paypal-ipn-script.php) that you would add to the Plugins Script/File Whitelist Text Area separated by a comma and a space.

    NOTE: Plugin Whitelisting rules use standard Regex characters. For example you could Whitelist all .js files in a particular plugins folder by creating this whitelist rule: /example-plugin-folder-name/(.*).js. The (.*) Regex characters mean match anything. The rule says match any file name in the /example-plugin-folder-name/ folder that is a .js file.

  • Author
    Posts
Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.