FIREWALL WHITELIST RULES ARE INVALID

[OCALA DESIGNS]

On one of my sites, I am getting an error in BPS for this, and I can’t find any of the rules written incorrectly, the plugin wrote them so I don’t know:

Plugin Firewall BulletProof Mode (PFW)
PFW Status: Deactivated
Error: One or more of your Whitelist rules are not valid
Click on the Plugin Firewall Whitelist Tools accordion tab and correct/fix any invalid plugin whitelist rules in the Plugins Script|File Whitelist Text Area.
Edit your Whitelist rules and correct whitelist rules that contain any of these invalid things:
ver=, page=, src=, www, http, https, href, .com, .net, .org, .biz, .info, .gov, .edu and
click the Save Whitelist Options button and activate the Plugin Firewall again.
Valid plugin Whitelist rules MUST use ONLY this Format: /plugin-folder-name/plugin-script.js, /plugin-folder-name/(.*).js. Plugin paths/scripts are separated by a comma and a single space.

/seedprod-coming-soon-pro-5/public/js/sp-scripts.min.js, /seedprod-coming-soon-pro-5/public/js/dynamic-text.js, /buddypress/bp-core/js/vendor/jquery-cookie.min.js, /buddypress/bp-core/js/jquery-query.min.js, /buddypress/bp-core/js/vendor/jquery-scroll-to.min.js, /woocommerce/assets/js/frontend/add-to-cart.min.js, /woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js, /buddypress/bp-core/js/confirm.min.js, /buddypress/bp-core/js/widget-members.min.js, /buddypress-media/lib/media-element/wp-mediaelement.min.js, /woocommerce/assets/js/js-cookie/js.cookie.min.js, /buddypress-media/app/assets/js/vendors/emoji-picker.js, /optin-forms/js/placeholder.js, /buddypress/bp-core/js/vendor/jquery.atwho.min.js, /buddypress/bp-core/js/vendor/jquery.caret.min.js, /buddypress/bp-activity/js/mentions.min.js, /woocommerce/assets/js/frontend/woocommerce.min.js, /buddypress-media/app/assets/js/rtmedia.min.js, /woocommerce/assets/js/frontend/add-to-cart-variation.min.js, /buddypress-media/app/assets/js/rtMedia.backbone.js, /Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js, /Ultimate_VC_Addons/assets/min-js/headings.min.js, /Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js, /Ultimate_VC_Addons/assets/min-js/custom.min.js, /Ultimate_VC_Addons/assets/min-js/ultimate_bg.min.js, /buddypress/bp-core/js/vendor/livestamp.min.js, /buddypress-media/lib/media-element/mediaelement-and-player.min.js, /js_composer/assets/js/vendors/woocommerce-add-to-cart.js, /revslider/public/assets/js/rs6.min.js, /revslider/public/assets/js/rbtools.min.js, /gravity-forms-css-themes-with-fontawesome-and-placeholder-support/js/gfctmagic.js, /stockdio-historical-chart/assets/stockdio_chart_historical-wp.js, /go_pricing/assets/js/go_pricing_scripts.js, /stock-quotes-list/assets/stockdio-wp.js, /paid-memberships-pro/js/select2.min.js, /premium-stock-market-widgets/assets/dist/app.js, /js_composer/assets/js/dist/js_composer_front.min.js, /js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js, /premium-stock-market-widgets/assets/dist/main-dca1c6402209e86bb905.js, /premium-stock-market-widgets/assets/dist/vendor-core-js-529b21732479d507b88d.js, /premium-stock-market-widgets/assets/dist/vendor-webpack-4ede3ca88fe6685f251e.js, /premium-stock-market-widgets/assets/dist/modules-ce23e8f9a8ebf77cd92a.js, /premium-stock-market-widgets/assets/dist/vendor-axios-c05359860ae9d8716a37.js, /paid-memberships-pro/js/jquery.creditCardValidator.js, /paid-memberships-pro/js/pmpro-checkout.js, /paid-memberships-pro/js/pmpro-recaptcha-v2.js, /buddypress/bp-templates/bp-legacy/js/password-verify.min.js, /bbpress/templates/default/js/editor.min.js, /premium-stock-market-widgets/assets/dist/vendor-chart.js-85d180d719aa93580d21.js, /Ultimate_VC_Addons/assets/min-js/dual-button.min.js, /premium-stock-market-widgets/assets/dist/ticker-quotes-widget-3f752b4a74cb2d6c3c53.js, /premium-stock-market-widgets/assets/dist/vendor-style-loader-6ad3c0021f3cfbc4ca41.js, /premium-stock-market-widgets/assets/dist/vendor-css-loader-70fc7c567fb798c79935.js, /premium-stock-market-widgets/assets/dist/leaderboard-widget-e453635b52f982963b3a.js, /premium-stock-market-widgets/assets/dist/card-widget-b5261722b9509039c457.js, /premium-stock-market-widgets/assets/dist/table-quotes-widget-c4724264f6e6f437f1bc.js, /premium-stock-market-widgets/assets/dist/vendor-datatables.net-2695b6e007694292bd13.js, /gravityforms/js/jquery.json.min.js, /gravityforms/js/gravityforms.min.js, /gravityforms/assets/js/dist/vendor-theme.min.js, /gravityforms/assets/js/dist/utils.min.js, /gravityforms/assets/js/dist/scripts-theme.min.js

[AITpro Admin]

This is the whitelist rule that is triggering the error: /premium-stock-market-widgets/assets/dist/vendor-datatables.net-2695b6e007694292bd13.js. Edit this whitelist rule to this: /premium-stock-market-widgets/assets/dist/vendor-datatables(.*)-2695b6e007694292bd13.js. Click the Save Whitelist Options button and activate the Plugin Firewall again.

[AITpro Admin]

Actually use this whitelist rule instead since the premium stock market widgets plugin might generate a random string in the file name in a future whitelist rule: /premium-stock-market-widgets/assets/dist/vendor-datatables(.*).js

[OCALA DESIGNS]

Thank you so much, I must have looked through that and even searched it for each of the known problem TLD mentions but probably skipped over the .net one … thanks again!

[Author]

Posts