Divi Theme-Related Security Log Entries

Home Forums BulletProof Security Pro Divi Theme-Related Security Log Entries

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #38523
    Living Miracles
    Participant

    Hello,

    On my SiteGround Dedicated server-hosted sites that use the Divi theme (a premium theme made by Elegant Themes), I recently noticed security log entries after updating the Divi theme and opening a page in the backend that uses the page builder that comes with the theme.

    Here is an example of the log entries we’re seeing:

    [403 POST Request: January 17, 2020 - 9:28 am]
    BPS Pro: 14.3
    WP: 5.3.2
    Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
    Solution: N/A - Hacker/Spammer Blocked/Forbidden
    REMOTE_ADDR: 216.250.39.154
    Host Name: d216-250-39-154.allwest.net
    SERVER_PROTOCOL: HTTP/1.0
    HTTP_CLIENT_IP: 
    HTTP_FORWARDED: 
    HTTP_X_FORWARDED_FOR: 
    HTTP_X_CLUSTER_CLIENT_IP: 
    REQUEST_METHOD: POST
    HTTP_REFERER: https://domain.tld/?et_pb_preview=true&et_pb_preview_nonce=0e64d00e88&iframe_id=et-fb-preview-1579278494104-765
    REQUEST_URI: /?et_pb_preview=true&et_pb_preview_nonce=0e64d00e88&iframe_id=et-fb-preview-1579278494104-765
    QUERY_STRING: et_pb_preview=true&et_pb_preview_nonce=0e64d00e88&iframe_id=et-fb-preview-1579278494104-765
    HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36
    REQUEST BODY: et_pb_preview_nonce=0e64d00e88&is_fb_preview=true&shortcode=%5Bet_pb_section+fb_built%3D%221%22+admin_label%3D%22section%22+_builder_version%3D%223.22%22%5D%5Bet_pb_row+admin_label%3D%22row%22+_builder_version%3D%223.25%22+background_size%3D%22initial%22+background_position%3D%22top_left%22+background_repeat%3D%22repeat%22%5D%5Bet_pb_column+type%3D%224_4%22+_builder_version%3D%223.25%22+custom_padding%3D%22%7C%7C%7C%22+custom_padding__hover%3D%22%7C%7C%7C%22%5D%5Bet_pb_post_title+meta%3D%22off%2

    Here is what I can see: The “et_” is definitely from the Divi theme or builder (“et” stands for Elegant Themes). It seems that this should be a normal theme-related process that shouldn’t be getting flagged by BPS Pro, yet for some reason it is getting flagged as “BFHS – Blocked/Forbidden Hacker or Spammer.” Can you see what is in this log entry that’s getting flagged by BPS Pro?

    Ideally, I wouldn’t want to get these security log entries each time I open a page in the backend to edit. Are you able to tell if this issue is on BPS Pro’s or Elegant Themes’ end? If it is on Elegant Themes’ end, could you suggest something I should pass along to them so that they can resolve the issue?

    FYI, even though we are seeing those security log entries, it does appear that the builder functions properly.

    Thank you!
    Nicolas from Living Miracles

    #38524
    AITpro Admin
    Keymaster
    #38525
    Living Miracles
    Participant

    Okay, thank you for the response. We’ll try this out across our sites when we have the time and see if this resolves the issue.

    Nicolas from Living Miracles

Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.