Extra Theme By Elegant Themes Editor Not Working

[Sean Van Zant]

For some reason the Extra Theme ‘Visual Builder’ doesn’t work when I activated the BPS Pro after activating it, running the preinstall and setup wizard the ‘Visual Builder’ on the Extra Theme stops working. And the ‘Divi Builder’ within the ‘Extra Theme’ wouldn’t work.

I used the BPS Pro Troubleshooting Tips. When I deactivated the BPS Pro ‘Root Folder’, the ‘Visual Builder’ and the ‘Divi Builder’ worked great.

[AITpro Admin]

Check your BPS Security Log and post any Security Log entries that show what is being blocked.

[Sean Van Zant]

Thank you for helping me with this!

I began with the mindset that this was going to be an in-depth and complicated issue 🙂

[AITpro Admin]

It should be a simple and quick fix.  I just need to see some Security Log entries to know what is going on and give you a fix. If you are not sure which Security Log entries are being logged for your theme and builder just copy and paste your entire Security Log file and I will delete all the Security Log entries that are not related to your theme and builder in your forum reply. Then of course give you a fix.

[Sean Van Zant]

Well, now the ‘Visual Builder’ is not working after deactivating everything BP Core Security, and I turned the Auto Restore off and it’s still not working. I don’t know why it started working earlier and not now.

[403 POST Request: January 11, 2020 6:03 pm]
BPS Pro: 14.1
WP: 5.3.2
Event Code: BFHS – Blocked/Forbidden Hacker or Spammer
Solution: N/A – Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 176.59.71.227
Host Name: 176.59.71.227
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: POST
HTTP_REFERER: https://randomseantheblogger.xyz/wp-login.php
REQUEST_URI: /wp-login.php
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
REQUEST BODY: BPS Security Log option set to: Do Not Log POST Request Body Data

[AITpro Admin]

I just checked your website and I see some problems with the BPS Pro Plugin Firewall on your site.  The problem is most likely being caused by minifying/compressing/combining js scripts in your LiteSpeed Cache plugin, which causes the BPS Pro Plugin Firewall not to work correctly. What I recommend is that you do not minify js scripts. So go to your LiteSpeed Cache plugin option settings and turn off/change js minification/compression or if you want to continue to minify/compress js scripts then turn off/deactivate the BPS Pro Plugin Firewall feature.

https://forum.ait-pro.com/forums/topic/plugin-firewall-read-me-first-troubleshooting/

List of common things that can break the Plugin Firewall and cause various secondary issues|problems

Minify Plugins: If you are using a Minify plugin then you will probably not see Security Log entries / alerts.  Most if not all minifying plugins allow you to choose to exclude plugin scripts that you do not want to minify.  If you want to use the BPS Pro Plugin Firewall then you can choose not to minify particular plugin scripts so that you can use both minifying and the Plugin Firewall together.  It is recommended that you turn Off/deactivate minifying to get the plugin scripts that need to be whitelisted in the Plugin Firewall.  After you have added those plugin scripts to your Plugin Firewall whitelist you can then exclude those same plugin scripts from being minified in your minify plugin and turn On/activate your Minify plugin. Note:  If you are using a Minify plugin and you do not want to exclude any js plugin scripts then you CANNOT use the Plugin Firewall due to the way plugin scripts are minified.  You cannot add plugin scripts manually or whitelist the Minify plugin’s folder or use the Plugin Override tool either due to the way the true origin of the plugin scripts are combined / minified.  The Plugin Firewall is completely optional – you can turn it On or Off.

[Sean Van Zant]

I deactivated the plugin firewall, unminified the CSS, JS, and HTML scripts. I purged the cache on Cloudflare.  I purged all the cache that you can with the Litespeed plugin. I also cleaned the database option with the Litespeed pluding. And I have had Cloudflare on ‘Development Mode’, the whole time I have been trying to fix this issue but none of that worked.

[AITpro Admin]

Ok I just checked your site again and I am not seeing the errors I was seeing before.  Ok so go ahead do all of these BPS Pro troubleshooting steps below. If the problem is still occurring then it is not being caused by BPS Pro. It could be caused by ModSecurity installed on your host server or maybe another plugin that you have installed. I think you may have several different problems going on. ie a Plugin Firewall problem and some other problem. Let me know what happens after doing the BPS Pro troubleshooting steps below.

1. On the Security Modes page, click the Root Folder BulletProof Mode Deactivate button. See Custom Code Note if doing this step works.
2. On the Security Modes page, click the wp-admin Folder BulletProof Mode Deactivate button. See Custom Code Note if doing this step works.
3. On the Security Modes page, click the Plugin Firewall BulletProof Mode Deactivate button. See Plugin Firewall Test Mode Note.
4. On the Security Modes page, click the UAEG BulletProof Mode Deactivate button.

[Sean Van Zant]

I did that again, but I deactivated them all again but still not working. Do you need my login credentials to further troubleshoot?

[AITpro Admin]

Yep, send me a WordPress Administrator login to your website to: info at ait-pro dot com.

[AITpro Admin]

Login page error:
My first attempt to login to your site I saw this error message below:
ERROR: Cookies are blocked or not supported by your browser. You must enable cookies to use WordPress.

I believe the Login page cookie problem is being caused by Cloudflare Rocket Loader.
You probably need to create a Page Rule in your Cloudflare dashboard settings for the WordPress Login page.
https://support.cloudflare.com/hc/en-us/articles/218411427

AutoRestore|Quarantine issues:
I checked your Quarantine Log file and saw that cache files had been quarantined.
I created AutoRestore wp-content folder exclude rules for these 2 folders below.

AutoRestore|Quarantine steps for creating wp-content folder and single file exclude rules
http://forum.ait-pro.com/forums/topic/autorestore-quarantine-guide-read-me-first/#autorestore-exclude-rules

ewww
et-cache

PHP Errors/Log MScan issues:
I checked your PHP error log and saw this php error which means that your host server does not allow MScan to access or delete temporary files in your server’s /tmp folder.
I have changed the MScan temporary folder option setting: Automatically Delete /tmp Files to: Delete TMP Files Off.
[13-Jan-2020 10:22:30 UTC] PHP Warning: unlink(/tmp/lshttpd): Is a directory in /home/xxxxxx/randomseantheblogger.xyz/wp-content/plugins/bulletproof-security/includes/mscan-ajax-functions.php on line 1856

I have turned off the MScan automated scan. MScan is just a malware scanner, which should just be used as a basic simple tool to manually check files every once in a while or just once.
BPS Pro has AutoRestore|Quarantine which is far superior to any/all Malware scanners including BPS Pro MScan. We only added MScan because people believe that malware scanners are useful for website security. So MScan is more of an “image” feature.
Website malware scanners are very limited and not very accurate or effective vs BPS Pro AutoRestore|Quarantine, which is 100% accurate and effective.

Visual Builder issues/problems:
When trying to use the Visual Builder I see these errors below in Google Chrome Developer Tools.
The problem is being caused by Cloudflare Rocket Loader and not BPS Pro.
I did a Google search for: visual builder cloudflare rocket loader
and found known issues/problems with Cloudflare Rocket Loader and Visual Builders.

See these 2 help posts on the cloudflare site for how to fix this issue/problem:
You are going to have to create a Page Rule in your Cloudflare Dashboard settings or just turn Rocket Loader off.
https://community.cloudflare.com/t/rocket-loader-stop-working-visual-composer-frontend-editor/63128/11
https://community.cloudflare.com/t/incompability-of-rocket-loader-with-wp-bakery/110704/2

J @ VM2304:15
value @ boot.js?ver=4.1:2
(anonymous) @ boot.js?ver=4.1:2
(anonymous) @ boot.js?ver=4.1:2
t.exports @ boot.js?ver=4.1:2
_moveDOMToFrame @ boot.js?ver=4.1:2
(anonymous) @ boot.js?ver=4.1:2
dispatch @ jquery.js?ver=1.12.4-wp:3
r.handle @ jquery.js?ver=1.12.4-wp:3
c @ VM2198 rocket-loader.min.js:1
load (async)
t.addEventListener @ VM2198 rocket-loader.min.js:1
add @ jquery.js?ver=1.12.4-wp:3
a.event.add @ jquery-migrate.min.js?ver=1.4.1:2
(anonymous) @ jquery.js?ver=1.12.4-wp:3
each @ jquery.js?ver=1.12.4-wp:2
each @ jquery.js?ver=1.12.4-wp:2
ra @ jquery.js?ver=1.12.4-wp:3
on @ jquery.js?ver=1.12.4-wp:3
_createFrame @ boot.js?ver=4.1:2
value @ boot.js?ver=4.1:2
_setupIFrame @ boot.js?ver=4.1:2
e @ boot.js?ver=4.1:2
(anonymous) @ boot.js?ver=4.1:2
e @ jquery.js?ver=1.12.4-wp:3
dispatch @ jquery.js?ver=1.12.4-wp:3
r.handle @ jquery.js?ver=1.12.4-wp:3
c @ VM2198 rocket-loader.min.js:1
(anonymous) @ VM2201:15
c @ VM2198 rocket-loader.min.js:1
l @ VM2198 rocket-loader.min.js:1
t.simulateStateAfterDeferScriptsActivation @ VM2198 rocket-loader.min.js:1
callback @ rocket-loader.min.js:1
t.run @ rocket-loader.min.js:1
P @ rocket-loader.min.js:1
callback @ rocket-loader.min.js:1
t.run @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
load (async)
t.addEventListener @ VM2198 rocket-loader.min.js:1
(anonymous) @ VM2201:15
c @ VM2198 rocket-loader.min.js:1
l @ VM2198 rocket-loader.min.js:1
t.simulateStateAfterDeferScriptsActivation @ VM2198 rocket-loader.min.js:1
callback @ rocket-loader.min.js:1
t.run @ rocket-loader.min.js:1
P @ rocket-loader.min.js:1
callback @ rocket-loader.min.js:1
t.run @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
load (async)
u @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
t.run @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
load (async)
u @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
t.run @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
load (async)
u @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
t.run @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
load (async)
u @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
t.run @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
load (async)
u @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
t.run @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
load (async)
u @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
t.run @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
(anonymous) @ rocket-loader.min.js:1
load (async)

[Sean Van Zant]

Thank you! You are the BPS god 🙂

I’m going to go ahead and leave a stellar review for the BPS Pro plugin. Also, do I need automatic file scanning with Malware clean up with my hosting company since I have BPS Pro?

[AITpro Admin]

If your web host malware scanning service is free or reasonably priced then it does not hurt to have it as an additional security measure.

[Author]

Posts