Firewall Plugin Layout Broken

[Petrus]

Not sure why but my layout on the firewall plugin page is broken…

Here is a screenshot:

https://prnt.sc/r3o84g

[AITpro Admin]

When the BPS Pro plugin page layout is broken that means there is a problem with the BPS Pro Plugin Firewall.

You mentioned in one of your other forum topics that you have the WP Hide & Security Enhancer PRO plugin.  The Hide My WP plugin is known to break several things in BPS Pro including the BPS Pro Plugin Firewall.  So it is very possible that the WP Hide & Security Enhancer PRO plugin is breaking the BPS Pro Plugin Firewall.

This is typically a very complex problem when using a “hiding” plugin. So instead of trying to figure out the problem in the forum it would be much quicker for me to login to your website to figure out the problem.  Contact me directly via this email:  info at ait-pro dot com. I will need an Administrator login to your website to figure out the problem.

[Petrus]

I have completely removed WP Hide & Security Enhancer PRO plugin a week ago already, so it cannot be that.

[AITpro Admin]

Ok are you using a Cloudflare plugin or minifiying/combressing/combining js scripts?  These 2 other common things that break the BPS Pro Plugin Firewall that require additional configuration changes.  If you do not have either of these things going on then do the steps below to reset/fix this issue.  Note: Choose either the general fix steps or the general fix steps for a VPN|Proxy scenario.

https://forum.ait-pro.com/forums/topic/plugin-firewall-read-me-first-troubleshooting/

List of common things that can break the Plugin Firewall and cause various secondary issues|problems

Minify Plugins: If you are using a Minify plugin then you will probably not see Security Log entries / alerts. Most if not all minifying plugins allow you to choose to exclude plugin scripts that you do not want to minify. If you want to use the BPS Pro Plugin Firewall then you can choose not to minify particular plugin scripts so that you can use both minifying and the Plugin Firewall together. It is recommended that you turn Off/deactivate minifying to get the plugin scripts that need to be whitelisted in the Plugin Firewall. After you have added those plugin scripts to your Plugin Firewall whitelist you can then exclude those same plugin scripts from being minified in your minify plugin and turn On/activate your Minify plugin. Note: If you are using a Minify plugin and you do not want to exclude any js plugin scripts then you CANNOT use the Plugin Firewall due to the way plugin scripts are minified. You cannot add plugin scripts manually or whitelist the Minify plugin’s folder or use the Plugin Override tool either due to the way the true origin of the plugin scripts are combined / minified. The Plugin Firewall is completely optional – you can turn it On or Off.

Cloudflare Plugins: Cloudflare breaks the BPS Pro Plugin Firewall, which in turn breaks BPS Pro Login Security and other things. Important Note: This only appears to be caused by installing WordPress Cloudflare plugins and not when installing Cloudflare from your web host control panel or directly from the Cloudflare website. The solution is to whitelist the Cloudfare IP address range in the BPS Pro Plugin Firewall > Plugin Firewall Additional Whitelist Tools > Whitelist by Hostname (domain name) and IP Address text box > https://forum.ait-pro.com/forums/topic/cloudflare-login-security-and-plugin-firewall-not-working/

Issue/Problem: BPS menu tabs not displaying correctly, visual format is broken, CSS format is broken
Solution:

Other plugins or themes loading their js scripts in BPS plugin pages:
The Script|Style Loader Filter (SLF) In BPS Plugin Pages option under Setup > UI|UX Settings > SLF On setting may or may not fix the problem. In some cases the Plugin Firewall cannot be used with some plugins or themes if BPS cannot prevent them from loading their scripts in BPS Pro plugin pages and breaking the Plugin Firewall.

Troubleshooting: Reset|Clear The Plugin Firewall (fixes most if not all Plugin Firewall issues/problems)
Note: To find out if an issue/problem is related to or being caused by the Plugin Firewall do BPS Pro troubleshooting step #3 in the BPS Pro troubleshooting link: https://forum.ait-pro.com/forums/topic/read-me-first-pro/#bps-pro-general-troubleshooting

Fix all general Plugin Firewall issues/problems:
1. Go to the BPS Security Log page and click the Delete Log button to delete your current Security Log file contents.
2. Go to the Plugin Firewall page.
3. Click the Plugin Firewall BulletProof Mode Deactivate button.
4. Delete (or cut if you want to add your existing whitelist rules back into the Plugins Script|File Whitelist Text Area) all of your Plugin Firewall whitelist rules out of the Plugins Script|File Whitelist Text Area.
5. Click the Save Whitelist Options button.
6. Click the Plugin Firewall Test Mode button.
7. Check your site pages by clicking on all main website pages: contact form page, home page, login page, etc.
8. Recheck the Plugins Script|File Whitelist Text Area (after 1 minute) and you should see new Plugin Firewall whitelist rules have been created.
9. Change the AutoPilot Mode Cron Check Frequency to 15 minutes or whatever frequency time you would like to use.
10. Click the Plugin Firewall Activate button.

Fix all general Plugin Firewall issues/problems and Proxy server configuration mistakes:
Note this fix also applies to using a VPN|Proxy when you are logged into your website.
Additional steps to fix both general Plugin Firewall issues/problems and to compensate for an additional Proxy server configuration mistake (whitelist the Proxy IP Address). Note: This only applies to Proxy server issues/problems. Use the steps above unless specifically instructed to use these steps below to fix/whitelist a Proxy server IP address problem.

1. Go to the BPS Security Log page and click the Delete Log button to delete your current Security Log file contents.
2. Go to the Plugin Firewall page.
3. Click the Plugin Firewall Additional Whitelist Tools accordion tab.
4. Enter Proxy server IP address: xxx.xxx.xxx.xxx in the Whitelist by Hostname (domain name) and IP Address text box.
5. Click the Save Hostname and IP Address Rules button.
6. Click the Plugin Firewall BulletProof Mode Deactivate button.
7. Delete (or cut if you want to add your existing whitelist rules back into the Plugins Script|File Whitelist Text Area) all of your Plugin Firewall whitelist rules out of the Plugins Script|File Whitelist Text Area.
8. Click the Save Whitelist Options button.
9. Click the Plugin Firewall Test Mode button.
10. Check your site pages by clicking on all main website pages: contact form page, home page, login page, etc.
11. Recheck the Plugins Script|File Whitelist Text Area (after 1 minute) and you should see new Plugin Firewall whitelist rules have been created.
12. Change the AutoPilot Mode Cron Check Frequency to 15 minutes or whatever frequency time you would like to use.
13. Click the Plugin Firewall Activate button.

[Petrus]

No cloudflare or minify as per your previous suggestions. I have emailed login credentials for you to check.

[Petrus]

On a separate note, can I disable BPS Pro Dashboard notifications and display for certain users? We limit them for things we do not want them to see so they are less confused etc.

[AITpro Admin]

The BPS Dashboard alerts are only displayed to Administrators. Are these people Administrators?

[AITpro Admin]

On the first site “church” the problem was that Plugin Firewall Test Mode was turned On. I turned Off Test Mode and that fixed the problem. On the “biblecollege” site I did not see a broken page layout, but went ahead and did the Plugin Firewall “reset” steps listed in my previous forum reply.

I see that you have several different Custom User Roles for both of these websites.  What you may need to do is to check the appropriate User Role checkboxes under the BPS Pro Plugin Firewall > Plugin Firewall Additional Whitelist Tools accordion tab > check all of the checkboxes that apply under this tool > Additional Roles IP Whitelist.  See the help info below for what this tool/option setting does.

Note: You can check all of the Additional Roles IP Whitelist checkboxes if you want instead of trying to figure out which User Roles need automated IP address whitelisting to happen.  The BPS Pro Plugin Firewall will automatically do what needs to be done if you check all of the Additional Roles IP Whitelist checkboxes.

Additional Roles IP Whitelist
This option is for folks who have additional Administrators, Editors, Authors and Contributors who log into the website to create Posts or perform other website tasks. When you select and save additional Roles this means that any person with the Role capabilities that you have selected will have their IP addresses automatically Whitelisted when they log into the website. If your website is using/has Custom User Roles, your Custom User Roles will be displayed in a scrollable box below the standard WP User Roles: Administrator, Editor, Author, Contributor.

[Petrus]

These people are not administrators, but we created a new roll from scratch for them.

So if I add their roll to the firewall whitelist, does that mean they will be blocked from seeing the BPS alerts and notifications?

[Petrus]

Both BPS Firewalls ok again. THANK YOU!!!!!!

[Petrus]

LEGENDARY SUPPORT AS ALWAYS!!!

Added the user role and saved, and voila! They can no longer see BPS alerts and notifications!!!!

[AITpro Admin]

The Additional Roles IP Whitelist tool is for automatically whitelisting the IP addresses for anyone that is logged in under one of your standard WordPress User Roles or any of your Custom User Roles.  That tool does not do anything with general BPS Pro Dashboard alerts.  I’m pretty sure that if one of Custom User Roles includes the standard WordPress Administrator Role in the Custom User Role then BPS Pro Dashboard Alerts would be shown to that person with an “Administrator” Role via proxy of the Custom User Role that includes the Adminstrator Role.

So to answer your original question – Anyone who has the WordPress Administrator Capability is going to see BPS Pro Dashboard Alerts.  BPS Pro does not have any sort of Custom User Roles control settings. All Administrators are going to see BPS Pro Dashboard Alerts since logically Administrators would definitely need to see all BPS Pro Dashboard Alerts.

[AITpro Admin]

You could turn Off all BPS Pro Dashboard Alerts on the BPS Pro > S-Monitor page, but for obvious reasons you would not want to do that.  Troubleshooting blind is no fun at all.  😉

[Author]

Posts