Plugin Firewall – Using Firefox with Firebug and Firephp, find plugin scripts to whitelist

[guy te watson]

The plugin firewall setup has become a 95% manual task.  I am getting lots of errors related to and surrounding plugins errors.  Seems like it would be easier to just have an option for someone to just allow all the current  .js or .php or .swf and similar files to be auto white-listed.  As it is now I have spend for my five sites, several hours over days to manually check logs for errors to whitelist and I am still not done.  I have whitelisted things and am still getting error related to the plugin like ” /ezhtml2wp/templates/advhtml2wp.php”  below.  I also experienced a serious slowdown of my server last night so that the blogs that I have BPS Pro on were getting Internal 500 errors and pages were not coming up. I think it was from an external backup program trying to access the plugin and backup my blog. I have since whitelisted that.

1. Can you help me with the following errors and tell me if they are related to BPS (they seem to be to me) and how to correct them, especially if I have already whitelisted the plugin?.
2. Also why would I be getting “wp_config and wp-settings” errors?
3. And How do I stop theme errors?
Here are some errors I can’t stop so far.

PHP Error Log:
/plugins/ezhtml2wp/templates/advhtml2wp.php
wp-includes/template-loader.php
wp-blog-header.php
wp_bpspro_arq_exclude
wp_bpspro_arq_quarantine’

Solutions Site:
PHP Error Log:

[11-Apr-2013 11:55:54 America/Chicago] WordPress database error Table 'XXXXXXXXXs_wrdp7.wpforce' doesn't exist for query SELECT COUNT(*) FROM wpforce where ((ip = '198.154.194.109') AND (postid = '5683')); made by require ('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), do_action('template_redirect'), call_user_func_array, ezhw_redirect, include('/plugins/ezhtml2wp/templates/advhtml2wp.php'), do_shortcode, preg_replace_callback, do_shortcode_tag, call_user_func, html2wp_shortcode, do_shortcode, preg_replace_callback, do_shortcode_tag, call_user_func, force_traffic->wsv_init_shortcode, force_traffic->force_return_content, force_traffic->gotnewip WHERE option_name = 'cron' made by require_once('wp-load.php'), require_once('wp-config.php'), require_once('wp-settings.php'), do_action('init'), call_user_func_array, SPYDERS::checkUpgrade, SSPluginUpdateChecker->__construct, SSPluginUpdateChecker->installHooks, wp_schedule_event, _set_cron_array, update_option

[11-Apr-2013 02:28:34 UTC] WordPress database error MySQL server has gone away for query SELECT ip FROM wp_ttc_ip_blacklist made by require_once('wp-load.php'), require_once('wp-config.php'), require_once('wp-settings.php'), do_action('init'), call_user_func_array, ttc_security

[11-Apr-2013 02:28:34 UTC] WordPress database error MySQL server has gone away for query SELECT agent FROM wp_ttc_agent_blacklist made by require_once('wp-load.php'), require_once('wp-config.php'), require_once('wp-settings.php'), do_action('init'), call_user_func_array, ttc_security

[11-Apr-2013 02:28:34 UTC] WordPress database error MySQL server has gone away for query DELETE FROM wp_bpspro_arq_exclude WHERE arq_exclude_source = '/home/XXXXXXXXX/public_html/wp-content/bps-backup/logs/bps_php_error.log' made by do_action('admin_init'), call_user_func_array, bulletproof_security_admin_init

Theme issues also below –
/themes/OptimizePress/members-style1-moduleUS.php

[10-Apr-2013 15:23:12 America/Chicago] WordPress database error Table 'xxxxxxxxxxxxxs_wrdp7.wpforce' doesn't exist for query SELECT COUNT(*) FROM wpforce where ((ip = '198.154.194.109') AND (postid = '5427')); made by require ('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/OptimizePress/members-style1-moduleUS.php'), the_content, apply_filters('the_content'), call_user_func_array, do_shortcode, preg_replace_callback, do_shortcode_tag, call_user_func, force_traffic->wsv_init_shortcode, force_traffic->force_return_content, force_traffic->gotnewip

[11-Apr-2013 05:32:05 GMT] PHP Fatal error:  Out of memory (allocated 63438848) (tried to allocate 32 bytes) in /home/xxxxxxxxxxxxxs/public_html/wp-content/themes/OptimizePress/admin/clscustomfields.php on line 1487

Help To Stop:
/home/XXXXXXXXX/public_html/wp-config.php on line 49

[10-Apr-2013 20:28:40 America/Denver] PHP Notice:  Constant ABSPATH already defined in /home/XXXXXXXXX/public_html/wp-config.php on line 49

Theme issues also below –
/wp-content/themes/sem-reloaded/inc/template.php
/wp-content/themes/sem-reloaded/inc/widgets.php on line 374
/wp-content/themes/sem-reloaded/inc/panels.php on line 66

web Yel Site:

[10-Apr-2013 02:32:20] PHP Warning:  call_user_func_array() [function.call-user-func-array]: First argument is expected to be a valid callback, 'socialenforcer_addheader' was given in /home/XXXXXXXXXXXXX/public_html/wp-includes/plugin.php on line 403

Thanks for the Help!

[AITpro Admin]

Normally the Plugin Firewall Test Mode whitelisting should only take a few minutes per website, but because of the way you prefer to have links opened in a new Browser window then you cannot use the Test Mode feature. There are several other fairly quick and easy methods to get the plugin scripts you need to whitelist. It is not possible to automatically whitelist plugin scripts.  There are too many differences/variables between WordPress websites, URL structures and several other factors that make this impossible to automate. One the simplest methods is to use the Firefox Browser and install Firebug and Firephp.

1. Turn Off AutoRestore.
2. Activate the Plugin Firewall.
3. FTP to your /wp-content/plugins folder and change the IP address in your /plugins/.htaccess file.
4. Use the Firefox Browser to visit your site and grab all the plugin script paths that are generating 403 errors.
5. Log back into your site and add those plugin scripts the Whitelist Text area, click the Save Whitelist Options button and activate the Plugin Firewall again.
6. Turn AutoRestore back On.

See this Forum Topic link below for how you go about troublehooting php errors.  Typically php errors have nothing to do with BPS Pro and are directly related to whatever plugin or theme that is displayed in the php error log.  The php error log is just a log file.  Php error logging is telling you about existing issues and problems.  You would then use those php error messages and do Google searches to track down the issue/problem with whichever plugin or theme is generating the errors.

What is very important to note is that PHP Warning errors are not that important.  PHP Fatal errors are very important and need to be fixed right away.

http://forum.ait-pro.com/forums/topic/how-to-troubleshoot-php-errors-php-errors-in-your-php-error-log/

Also you can use basic logic to fix php issues/problems, but this error could mean several different things.  Either the exact problem is actually occuring – The ABSPATH constant is already defined/added to your wp-config.php file – twice for example or another plugin is trying to redefine this constant again incorrectly in its plugin files.  You can do basic things like deactivating your plugins one by one until you find the plugin that is causing this php error/the problem.  I would start with whatever plugin this is:  wpforce

[10-Apr-2013 20:28:36 America/Denver] PHP Notice:  Constant ABSPATH already defined in

/home/XXXXXXXXX/public_html/wp-config.php on line 49
[10-Apr-2013 20:28:40 America/Denver] PHP Notice:  Constant ABSPATH already defined in

[AITpro Admin]

Actually due to most of these php errors being related to your WordPress Database then sometimes a normal Server hiccup will generate massive amounts of these DB errors.  If this is happening constantly then you have a problem with your DB connection or you are running out of memory or things similar to that.  Or your Server could be having problems and you need to contact your Host to report this Server problem.

So what you have to determine first is are these errors happening constantly or did they all occur at a certain time which means your Server had a temporary problem that is no longer occurring.

All of these php errors that occurred at 11-Apr-2013 02:28:34 UTC indicate a temporary Server connectivity problem.

[AITpro Admin]

Also your PHP memory is set to 64M.  Most Hosts allow you to have/use at least 128M.  Increase your memory limit from 64M to 128M.

[AITpro Admin]

Another simple method of getting plugins scripts to add to your Plugin Firewall Whitelist is to use the BPS Pro Pro-Tools cURL Multi page scanner.

http://forum.ait-pro.com/forums/topic/curl-multi-page-scanner/

[AITpro Admin]

We are actually experiencing this same issue/problem.  There has been on ongoing WordPress Brute force attack and our php error log files are logging massive amounts of php errors.  We will be adding an additional check/feature in BPS Pro 5.8 that will automatically “fix” this type of issue.

http://forum.ait-pro.com/forums/topic/global-brute-force-attack-on-wordpress-sites/

[Author]

Posts