Custom icons, ttf font 403 error

[Chris]

I recently udated my wp install to 4.1.  The home page has some custom icons that are being blocked and I can’t figure out how to work around it.  I’ve tried creating a skip/bypass rule, but the error persists.  This is the error I am getting

[403 GET / HEAD Request: February 9, 2015 - 6:15 am]
Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
Solution: N/A - Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: xx.xx.xxx.xx
Host Name: c-xx-xx-xx-xx.hsd1.sc.comcast.net
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: http://www.mysite.com/wp-content/themes/mukam/css/icons.css?ver=4.1
REQUEST_URI: /wp-content/themes/mukam/fonts/wsports.ttf?-wt9307
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.93 Safari/537.36

[AITpro Admin]

Do BPS Pro Troubleshooting steps 2 through 5. Test after each step to isolate which security feature is causing an issue/problem. Let me know which feature is causing the issue/problem.
http://forum.ait-pro.com/forums/topic/read-me-first-pro/#bps-pro-general-troubleshooting

[Chris]

Thanks for the quick response.  Went through all of the steps and reloaded my homepage between each of them, but the icons were still missing, the only difference was I didn’t get the prompt that there was a 403 error

[AITpro Admin]

Ok that means that you have multiple problems occurring.

I believe the first problem is either going to be very similar to what this person discovered in this forum topic:  http://forum.ait-pro.com/forums/topic/security-log-file-size-exceeds-500kb-every-day/#post-3318  Or something simple like the image files do not exist or are not in the location|folder that the links are pointing too.

The second problem is that whatever method is being used to get these fonts|images is triggering a 403 error. BPS logs all 403 errors whether or not the 403 errors are things that BPS is blocking.  Or in other words, the 403 errors may be caused by either a security measure that is installed|configured on your server itself or something that BPS is specifically blocking.  In this case it appears that BPS is blocking something about whatever method is being used to get these fonts|images.

In order to be able to get some clues I would need to view your website’s Source Code.  Either post a link to your website in this forum topic or if you do not want your website URL posted here then email it to info at ait-pro dot com.

[AITpro Admin]

The problem with the font-face font is going to be a very similar problem to the link I posted above. What I recommend is that you contact the theme author of your theme to find out why the font-face css code is not working correctly. Once you get that figured out then I will work with you to get the BPS part of the equation figured out if that problem still exists after fixing the font-face font|image icon CSS stylesheets and font-face code problems.

Personally I think the problem with the icons is a path problem:  the path is relative “../” but that may not work correctly on your particular server or you need to change that relative path.  The error is most likely a 404 error and then whatever other problems are occurring results in a final 403 error.  The first problem is with paths and then there may be additional problems after that, but the whole problem could just be with the paths.

CSS code at the top of your theme’s icons.css CSS stylesheet file:

@font-face {
font-family: 'anyoldicon';
src:url('../fonts/anyoldicon.eot');
src:url('../fonts/anyoldicon.eot?#iefix') format('embedded-opentype'),
url('../fonts/anyoldicon.woff') format('woff'),
url('../fonts/anyoldicon.ttf') format('truetype'),
url('../fonts/anyoldicon.svg#anyoldicon') format('svg');
font-weight: normal;
font-style: normal;
}

/* Use the following CSS code if you want to use data attributes for inserting your icons */
[data-icon]:before {
font-family: 'anyoldicon';
content: attr(data-icon);
speak: none;
font-weight: normal;
font-variant: normal;
text-transform: none;
line-height: 1;
-webkit-font-smoothing: antialiased;
-moz-osx-font-smoothing: grayscale;
}

A much bigger problem with this website:  The YSlow Grade for this website is: Grade F Overall Performance score 40 out of 100

Site first load speed is terrible: 16 seconds on first load.
Making too many Requests and loading too many things or things that are not optimized or things that do not have pre-loaders loading the time to first byte first and then incrementally loading other elements of the page.

First site load loading 2.6MB and making 74 Requests.

Second cached load is slightly better, but not good – 6-10 seconds. It does not matter since most website visitors will probably not wait for the first load to complete and go away before visiting the site. If that does not discourage them then the cached loads will. The site performs very poorly slowly and people will not stay on the site or return to the site.

Install the Firefox browser and these add-ons: YSlow, Firebug and Firephp to see what you need to correct to get the site to load within an acceptable amount of time. First load should be somewhere between 1 second to 4 seconds.

I have never seen CSS file this large before. Normally css files are between 10KB and 30KB in size.  This theme’s icons.css file is 258KB and this theme also has several other very large CSS stylesheets.  Overall this is a very poor and excessive CSS design. Something is clearly wrong or done wrong here.  This will not only cause the site to get very poor ranking in the Search Engines, but you will also not get website visitors or they will never return to this website.

[Author]

Posts