Favicon by RealFaviconGenerator – 403 error – UAEG whitelist rule

[AITpro Admin]

The Favicon by RealFaviconGenerator plugin creates this WordPress Uploads folder: /wp-content/uploads/fbrfg/ and calls plugin files from this folder, which are blocked by the BPS Pro Uploads Anti-Exploit Guard (UAEG) htaccess file. To whitelist the /fbrfg/ plugin folder do the steps below.  Important Note:  These UAEG whitelisting steps are for an Apache server.  If you have a LiteSpeed server then use the LiteSpeed UAEG whitelisting steps in this UAEG forum topic > https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/

Imporant Note: Do not copy this example code below and instead copy your actual UAEG htaccess file code by following the instructions in the steps below.

To edit/customize your Uploads Anti-Exploit Guard (UAEG) .htaccess file go to the B-Core > htaccess File Editor tab page > “Your Current Uploads htaccess File” tab and do the steps below.
1. Copy and paste your entire Uploads .htaccess file code from the “Your Current Uploads htaccess File” tab on the htaccess File Editor page into the CUSTOM CODE UAEG text box on the BPS Custom Code tab page.
2. Edit/modify/customize your UAEG htaccess code in the CUSTOM CODE UAEG text box.
3. Click the Save UAEG Custom Code button to save your UAEG custom code.
4. Go to the Security Modes page and click the UAEG BulletProof Mode Activate button.

The edit that you want to do in step #2 is this below (see other examples for whitelisting files or folders for Apache and LiteSpeed servers below):

If you have an Apache server:
To whitelist a folder: Remove/delete the # sign from infront of this line of code in your UAEG htaccess code and change the folder name to your actual folder name that you want to whitelist.

Whitelist rule for the /uploads/fbrfg/ folder:  SetEnvIf Request_URI "fbrfg/.*$" whitelist

If you have an Apache server (this step is not required if you have a LiteSpeed server):
Delete the # signs in front of #Require env whitelist and #Allow from env=whitelist shown highlighted in yellow below in your UAEG code that you copied to CUSTOM CODE UAEG.

# FORBID THESE FILE EXTENSIONS FROM BEING ACCESSED OR EXECUTED REMOTELY
<FilesMatch "\.(7z|as|bat|bin|cgi|chm|chml|class|cmd|com|command|dat|db|db2|db3|dba|dll|DS_Store|exe|gz|hta|htaccess|htc|htm|html|htx|idc|ini|ins|isp|jar|jav|java|js|jse|jsfl|json|jsp|jsx|lib|lnk|out|php|phps|php5|php4|php3|phtml|phpt|pl|py|pyd|pyc|pyo|shtm|shtml|sql|swf|sys|tar|taz|tgz|tpl|vb|vbe|vbs|war|ws|wsf|xhtml|xml|z)$">
<IfModule mod_authz_core.c>
#Require env whitelist
Require all denied
</IfModule>

<IfModule !mod_authz_core.c>
<IfModule mod_access_compat.c>
Order Allow,Deny
#Allow from env=whitelist
Deny from all
</IfModule>
</IfModule>
</FilesMatch>

The Security Log entry for the Favicon by RealFaviconGenerator plugin.

[403 GET Request: 4th October 2019 - 7:17 pm]
BPS Pro: 14.2
WP: 5.2.3
Event Code: UAEGWR-HPRA
Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/
REMOTE_ADDR: 108.213.94.121
Host Name: 108-213-94-121.lightspeed.irvnca.sbcglobal.net
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR: 108.213.94.121
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: https://example.com/wp-admin/admin.php?page=bulletproof-security%2Fadmin%2Fsecurity-log%2Fsecurity-log.php
REQUEST_URI: /wp-content/uploads/fbrfg/manifest.json
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36

[Author]

Posts