Digital Access Pass DAP 403 error

Home Forums BulletProof Security Free Digital Access Pass DAP 403 error

This topic contains 18 replies, has 5 voices, and was last updated by  AITpro Admin 3 years, 6 months ago.

Viewing 15 posts - 1 through 15 (of 19 total)
  • Author
    Posts
  • #6819

    darkspeed.com
    Participant

    I use Digital Access Pass and on installing Bulletproof Security I was no longer able to use the membership signup form as it returned a 403 error. I was able to track down the problem if anyone else is having the same issue. Just wanted you to know that if you have any members who use the http://wordpress.org/plugins/bulletproof-security/ Plugin, it places a line in secure.htaccess by default that brakes DAP’s ability to sign up users and returns a 403. The lines of htaccess code are:

    RewriteCond %{QUERY_STRING} http: [NC,OR]
    RewriteCond %{QUERY_STRING} https: [NC,OR]

    had to comment them out with a # and now everything works well
    Thanks
    Todd

    #6821

    AITpro Admin
    Keymaster

    Not sure why your post was spammed.  I unspammed it.  Many years ago someone asked about DAP and I vaguely remember something had to do with how the DAP iFrame loads within the WordPress Dashboard.  I will look around and see if there is any old info about DAP somewhere.

    #6896

    darkspeed.com
    Participant

    I am back to having problems..I get this when someone tries to fill out a subscribe on my site. The subscribe goes through but rather than the sucess page i get a 403 error. any ideas??

    >>>>>>>>>>> 403 GET or Other Request Error Logged - June 14, 2013 - 2:24 pm <<<<<<<<<<<
    REMOTE_ADDR: 108.9.107.210
    Host Name: pool-108-9-107-210.tampfl.fios.verizon.net
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER: http: //darkspeed.com/free-trial-join-now/
    REQUEST_URI: /dap/authenticate.php?email=bobo1%40darkspeed.com&password=KW3JS&submitted=Y&request=http://darkspeed.com/member-login/?msg=SUCCESS_CREATION&daplistbuildercredits=
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:22.0) Gecko/20100101 Firefox/22.0
    #6904

    AITpro Admin
    Keymaster

    UPDATE: BPS Pro 13+ and BPS 2.0+ versions have a feature called: Setup Wizard AutoFix (AutoWhitelist|AutoSetup|AutoCleanup) that automatically creates plugin and theme whitelist rules and automatically sets up and cleans up caching plugins htaccess code.

    Edit|Update:  Create a skip/bypass for the authenticate.php and signup_submit.php files as shown below.

    1. Copy the modified TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE code below to this BPS Root Custom Code text box: CUSTOM CODE TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE
    2. Click the Save Root Custom Code button.
    3. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.

    IMPORTANT!!!: Edit the code below after copying it to BPS Custom Code and replace “example.com” with your actual website domain name.

    # TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE
    # Use BPS Custom Code to modify/edit/change this code and to save it permanently.
    # Remote File Inclusion (RFI) security rules
    # Note: Only whitelist your additional domains or files if needed - do not whitelist hacker domains or files
    RewriteCond %{QUERY_STRING} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC,OR]
    RewriteCond %{THE_REQUEST} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC]
    RewriteRule .* index.php [F]
    # 
    # Example: Whitelist additional misc files: (example\.php|another-file\.php|phpthumb\.php|thumb\.php|thumbs\.php)
    RewriteCond %{REQUEST_URI} (authenticate\.php|signup_submit\.php|timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC]
    # Example: Whitelist additional website domains: RewriteCond %{HTTP_REFERER} ^.*(YourWebsite.com|AnotherWebsite.com).*
    RewriteCond %{HTTP_REFERER} ^.*example.com.*
    RewriteRule . - [S=1]

    Additional solution for 403 error instead of being redirected to a Thank You page or other page
    1. Copy the modified BPS Query String Exploits below to this BPS Root Custom Code text box: CUSTOM CODE BPSQSE BPS QUERY STRING EXPLOITS
    2. Click the Save Root Custom Code button.
    3. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.

    # BEGIN BPSQSE BPS QUERY STRING EXPLOITS
    # The libwww-perl User Agent is forbidden - Many bad bots use libwww-perl modules, but some good bots use it too.
    # Good sites such as W3C use it for their W3C-LinkChecker.
    # Use BPS Custom Code to add or remove user agents temporarily or permanently from the
    # User Agent filters directly below or to modify/edit/change any of the other security code rules below.
    RewriteCond %{HTTP_USER_AGENT} (havij|libwww-perl|wget|python|nikto|curl|scan|java|winhttp|clshttp|loader) [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|\)|\(|%0A|%0D|%22|%27|%28|%3C|%3E|%00).*(libwww-perl|wget|python|nikto|curl|scan|java|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR]
    RewriteCond %{THE_REQUEST} (\?|\*|%2a)+(%20+|\\s+|%20+\\s+|\\s+%20+|\\s+%20+\\s+)(http|https)(:/|/) [NC,OR]
    RewriteCond %{THE_REQUEST} etc/passwd [NC,OR]
    RewriteCond %{THE_REQUEST} cgi-bin [NC,OR]
    RewriteCond %{THE_REQUEST} (%0A|%0D|\\r|\\n) [NC,OR]
    RewriteCond %{REQUEST_URI} owssvr\.dll [NC,OR]
    RewriteCond %{HTTP_REFERER} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
    RewriteCond %{HTTP_REFERER} \.opendirviewer\. [NC,OR]
    RewriteCond %{HTTP_REFERER} users\.skynet\.be.* [NC,OR]
    #RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(http|https):// [NC,OR]
    RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [NC,OR]
    #RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC,OR]
    RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC,OR]
    RewriteCond %{QUERY_STRING} (\.\./|%2e%2e%2f|%2e%2e/|\.\.%2f|%2e\.%2f|%2e\./|\.%2e%2f|\.%2e/) [NC,OR]
    RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
    #RewriteCond %{QUERY_STRING} (http|https)\: [NC,OR]
    RewriteCond %{QUERY_STRING} \=\|w\| [NC,OR]
    RewriteCond %{QUERY_STRING} ^(.*)/self/(.*)$ [NC,OR]
    RewriteCond %{QUERY_STRING} ^(.*)cPath=(http|https)://(.*)$ [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*embed.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C)([^e]*e)+mbed.*(>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*object.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C)([^o]*o)+bject.*(>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C)([^i]*i)+frame.*(>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
    RewriteCond %{QUERY_STRING} base64_(en|de)code[^(]*\([^)]*\) [NC,OR]
    RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
    RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [OR]
    RewriteCond %{QUERY_STRING} ^.*(\(|\)|<|>|%3c|%3e).* [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(\x00|\x04|\x08|\x0d|\x1b|\x20|\x3c|\x3e|\x7f).* [NC,OR]
    RewriteCond %{QUERY_STRING} (NULL|OUTFILE|LOAD_FILE) [OR]
    RewriteCond %{QUERY_STRING} (\.{1,}/)+(motd|etc|bin) [NC,OR]
    RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
    RewriteCond %{QUERY_STRING} concat[^\(]*\( [NC,OR]
    RewriteCond %{QUERY_STRING} union([^s]*s)+elect [NC,OR]
    RewriteCond %{QUERY_STRING} union([^a]*a)+ll([^s]*s)+elect [NC,OR]
    RewriteCond %{QUERY_STRING} \-[sdcr].*(allow_url_include|allow_url_fopen|safe_mode|disable_functions|auto_prepend_file) [NC,OR]
    RewriteCond %{QUERY_STRING} (;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|drop|delete|update|cast|create|char|convert|alter|declare|order|script|set|md5|benchmark|encode) [NC,OR]
    RewriteCond %{QUERY_STRING} (sp_executesql) [NC]
    RewriteRule ^(.*)$ - [F]
    # END BPSQSE BPS QUERY STRING EXPLOITS
    #6905

    darkspeed.com
    Participant

    Thank you! That solved my problem!

    #17108

    JimmyD
    Participant

    [Topic has been merged into this relevant Topic]

    BPS was causing my DAP member site plugin to not process new members so I had it uninstalled. Unfortunately, the tech did not uninstall properly. Now I have the custom BPS .htaccess remaining on my server in root as well as in wp-admin. Therefore, my DAP member site plugin problems remain. How do I get rid of these .htaccess files without breaking my site. I do not have a backup of the .htaccess file that was there before BPS was installed.

    #17119

    AITpro Admin
    Keymaster

    @ JimmyD – you can either use the whitelisting method in this Forum Topic to whitelist what is being blocked in DAP or if you want to uninstall BPS you would use the uninstall steps here:  http://forum.ait-pro.com/forums/topic/read-me-first-free/

    #17120

    JimmyD
    Participant

    OK. When BPS was installed, was a backup of my original .htaccess file created. If so, where can I find that on my server?

    #17121

    AITpro Admin
    Keymaster

    If you backed up your .htaccess files using BPS Backup & Restore then you can restore your old .htaccess file using the Restore feature.  Or if you did not make a backup of your .htaccess file then you can restore it using your web host control panel file manager and restore an older root .htaccess file.

    By default I do not believe that DAP comes with any .htaccess code.  If DAP does come with .htaccess code then you should be able to deactivate and activate DAP and it should add any .htaccess code that it uses (if it does use .htaccess code) to your root .htaccess file.

    Or you would go to DAP settings and resave your DAP .htaccess settings if DAP comes with any .htaccess code, which I do not believe that DAP has by default.

    #17140

    JimmyD
    Participant

    Thanks, deactivating and reactivating DAP Livelinks did the trick by adding the required code to .htaccess!

    #21710

    coen
    Participant

    I also use Digital Access Pass on my websites and so far it worked fine without problems. But now on installing Bulletproof Security at cocreatie013.nl I was no longer able to use the membership signup form as it returned a 403 error. I can not find the why it works on my other websites and doesn’t on this one. What can I do to solve this problem?

    #21711

    AITpro Admin
    Keymaster

    Starting at zero.  Are you saying that the problem that is occurring is similar to the problem and solution in this forum topic or are you saying that something has changed with DAP and either none of the issues in this forum topic are relevant or this could be some new issue due to something new that DAP is doing? A BPS security log entry will tell me if something is being blocked by BPS and what is being blocked.  Please post a BPS Security Log entry.

    #21714

    coen
    Participant

    BPS Security Log entry:

    [403 GET / HEAD Request: 30 March 2015 - 17:19]
    Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
    Solution: N/A - Hacker/Spammer Blocked/Forbidden
    REMOTE_ADDR: 84.24.184.204
    Host Name: 5418B8CC.cm-5-1c.dynamic.ziggo.nl
    SERVER_PROTOCOL: HTTP/1.0
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR: 84.24.184.204
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER: http://cocreatie013.nl/wat/aanmelden-test/
    REQUEST_URI: /dap/authenticate.php?email=info%40webcoach.nl&password=8HCZN&submitted=Y&request=http://cocreatie013.nl/members/aanmelden/dap/?msg=SUCCESS_CREATION&daplistbuildercredits=
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:36.0) Gecko/20100101 Firefox/36.0
    #21715

    coen
    Participant

    [modified content as it exposed private information that should probably not be posted publicly]

    #21724

    AITpro Admin
    Keymaster

    I modified/deleted your post content since it exposed some things publicly that should probably not be exposed.  Please send me an email so that we can do this directly: edward at ait-pro dot com.  Thanks.

Viewing 15 posts - 1 through 15 (of 19 total)

You must be logged in to reply to this topic.