FS Poster Plugin
- This topic has 3 replies, 2 voices, and was last updated 1 week, 6 days ago by
AITpro Admin.
Louis
Participant
I got this error in my Security login, and I use this plugin, I tried the Whitelisting Plugin but it doesn’t remain. Was wondering how I can get it Whitelisted so the plugin can function properly and post steady.
[403 POST Request: February 1, 2025 - 2:26 am]
BPS Pro: 17.4
WP: 6.7.1
Event Code: WPADMIN-SBR
Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: GDPR Compliance On
Host Name: pool-99-228-59-33.cpe.net.cable.rogers.com
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP: GDPR Compliance On
HTTP_FORWARDED: GDPR Compliance On
HTTP_X_FORWARDED_FOR: GDPR Compliance On
HTTP_X_CLUSTER_CLIENT_IP: GDPR Compliance On
REQUEST_METHOD: POST
HTTP_REFERER: https://extremedealsoftheday.com/wp-admin/admin.php?page=fs-poster
REQUEST_URI: /wp-json/fs-poster/v1/channels
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36
REQUEST BODY: BPS Security Log option set to: Do Not Log POST Request Body Data
AITpro Admin
Keymaster
Add the fs-poster whitelist rule above the elementor whitelist rule in the wp-admin Custom Code text box > 3. CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES
Click the save wp-admin Custom Code button.
Go to the Setup Wizard page, run the Pre-Installation Wizard and Setup Wizard.
Note: If you have more plugins that are doing this bizarre method of sending plugin page Query Strings from admin.php to wp-json then it would probably be smarter to whitelist the wp-json Request URI. I assume some other plugin or theme is doing this and not the actual plugins themselves.
# fs-poster wp-admin plugin skip/bypass rule
RewriteCond %{QUERY_STRING} page=fs-poster(.*) [NC]
RewriteRule . - [S=3]
# Elementor wp-admin plugin skip/bypass rule
RewriteCond %{QUERY_STRING} page=e-form-submissions(.*) [NC]
RewriteRule . - [S=2]
Louis
Participant
Yes, you are correct about other plugins. For example, I just saw that after trying to create some 301 redirects with the SEOPress plugin, it also seems to be using the wp-json Request URI.
I just got this in my Security log, so it’s probably best to whitelist the wp-json Request URI as you recommended.
How would I whitelist the wp-json Request URI correctly?
[403 GET Request: February 2, 2025 - 5:45 pm]
BPS Pro: 17.4
WP: 6.7.1
Event Code: WPADMIN-SBR
Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: GDPR Compliance On
Host Name: pool-99-228-59-33.cpe.net.cable.rogers.com
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP: GDPR Compliance On
HTTP_FORWARDED: GDPR Compliance On
HTTP_X_FORWARDED_FOR: GDPR Compliance On
HTTP_X_CLUSTER_CLIENT_IP: GDPR Compliance On
REQUEST_METHOD: GET
HTTP_REFERER: https://extremedealsoftheday.com/wp-admin/post-new.php?post_type=seopress_404&post_title=womens-thermal&prepare_redirect=1&key=5&redirect_to=clothes-for-women%2Fwomens-thermal
REQUEST_URI: /wp-json/seopress/v1/search-url?url=https://extremedealsoftheday.com/clothes-for-women/womens-thermal/
QUERY_STRING: url=https://extremedealsoftheday.com/clothes-for-women/womens-thermal/
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36
AITpro Admin
Keymaster
You can try this, but if it doesn’t work then just deactivate wp-admin BulletProof Mode. Add this above skip rule #3, save and run the Wizards. A post is being sent to wp-json and then a redirect simulating an RFI hacking attempt is occurring. Very scary code.
# skip/bypass rule for wp-json
RewriteCond %{REQUEST_URI} ^/wp-json/(.*) [NC]
RewriteRule . - [S=4]
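An added example, not part of the thread or of BulletProof Security: a small parser for Security Log entries in the format quoted above, which groups the 403 WPADMIN-SBR events by REST namespace so you can see which /wp-json/ routes are actually being blocked before choosing between a per-plugin skip rule and the broad wp-json rule. The field list is taken from the two entries in this thread; the function names and the sample log (host replaced with example.com) are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Field labels as they appear in the Security Log entries quoted in this thread.
LABELS = ["BPS Pro", "WP", "Event Code", "Solution", "REMOTE_ADDR", "Host Name",
          "SERVER_PROTOCOL", "HTTP_CLIENT_IP", "HTTP_FORWARDED", "HTTP_X_FORWARDED_FOR",
          "HTTP_X_CLUSTER_CLIENT_IP", "REQUEST_METHOD", "HTTP_REFERER", "REQUEST_URI",
          "QUERY_STRING", "HTTP_USER_AGENT", "REQUEST BODY"]
HEADER = re.compile(r"\[(\d{3}) (\w+) Request: ([^\]]+)\]")
# A label only counts after whitespace, so text inside a URL value is not split.
FIELD = re.compile(r"(?<=\s)(" + "|".join(map(re.escape, LABELS)) + r"):[ \t]*")

def parse_entries(text):
    """Split a log (flattened or one field per line) into one dict per entry."""
    heads = list(HEADER.finditer(text))
    entries = []
    for i, h in enumerate(heads):
        end = heads[i + 1].start() if i + 1 < len(heads) else len(text)
        parts = FIELD.split(text[h.end():end])
        entry = {"status": h.group(1), "method": h.group(2), "time": h.group(3)}
        entry.update({k: v.strip() for k, v in zip(parts[1::2], parts[2::2])})
        entries.append(entry)
    return entries

def blocked_rest_routes(entries, event_code="WPADMIN-SBR"):
    """Map REST namespace -> {(method, referring wp-admin script, page= value)}."""
    routes = defaultdict(set)
    for e in entries:
        uri = re.match(r"/wp-json/([^/?]+)", e.get("REQUEST_URI", ""))
        if e["status"] != "403" or e.get("Event Code") != event_code or not uri:
            continue
        ref = urlsplit(e.get("HTTP_REFERER", ""))
        page = parse_qs(ref.query).get("page", [""])[0]
        routes[uri.group(1)].add((e["method"], ref.path, page))
    return dict(routes)

# Constructed sample: two entries shaped like the ones in this thread.
SAMPLE = (
    "[403 POST Request: February 1, 2025 - 2:26 am] BPS Pro: 17.4 WP: 6.7.1 "
    "Event Code: WPADMIN-SBR REQUEST_METHOD: POST "
    "HTTP_REFERER: https://example.com/wp-admin/admin.php?page=fs-poster "
    "REQUEST_URI: /wp-json/fs-poster/v1/channels QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0\n"
    "[403 GET Request: February 2, 2025 - 5:45 pm] BPS Pro: 17.4 WP: 6.7.1 "
    "Event Code: WPADMIN-SBR REQUEST_METHOD: GET "
    "HTTP_REFERER: https://example.com/wp-admin/post-new.php?post_type=seopress_404 "
    "REQUEST_URI: /wp-json/seopress/v1/search-url?url=https://example.com/a/ "
    "QUERY_STRING: url=https://example.com/a/ HTTP_USER_AGENT: Mozilla/5.0\n")
```

Calling `blocked_rest_routes(parse_entries(log_text))` on a real log export returns one key per blocked REST namespace, with the wp-admin page that triggered each request.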