Image 403 error due to LazyLoad, WP Rocket plugin used

Home Forums BulletProof Security Free Image 403 error due to LazyLoad, WP Rocket plugin used

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • September 28, 2022 at 5:19 am #42141
    alan
    Participant

    Hi,
    All my images are being blocked to crawlers due to lazy load. Works fine for users.
    After I installed WP Rocket, and used sitechecker this issue became known.

    For example, this page loads normally for users.
    https://buildingcleaningservice.com.au/testimonials

    But the crawler finds the delayed image load link, which fails with a forbidden 403

    https://buildingcleaningservice.com.au/testimonials/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%20318%2093%3E%3C/svg%3E

    The BPS Error log shows

    [403 GET Request: September 28, 2022 - 7:32 pm]
BPS: 6.6
WP: 6.0.2
Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
Solution: N/A - Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 1.128.107.3
Host Name: 1.128.107.3
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR: 1.128.107.3
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: https://sitechecker.pro/
REQUEST_URI: /testimonials/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%20318%2093%3E%3C/svg%3E
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36

    Is there some custom code I can add/remove to prevent the 403 error? It must be occurring for the google crawler as well.

    thanks – alan

    September 28, 2022 at 5:41 am #42142
    AITpro Admin
    Keymaster

    That is not a valid URL that was used to test from the sitechecker.pro website.  Please post a BPS Security Log entry that shows a Security Log entry where something legitimate is being blocked.  I checked your site and did not see any 403 errors in Google Chrome Dev tools.

    September 28, 2022 at 6:02 am #42143
    alan
    Participant

    Hi,
    thanks for replying so quick 🙂
    The link is valid, I just tested it again.

    https://buildingcleaningservice.com.au/testimonials/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%20318%2093%3E%3C/svg%3E

    The URL is made by the WP Rocket plugin, to delay loading the image (lazy load).
    I would image all lazyload work in a similar way. Replacing the tag with a delayed response.

    I cleared the log file and ran the crawler again. This was the only entry in the log file

    [403 GET Request: September 28, 2022 - 10:58 pm]
BPS: 6.6
WP: 6.0.2
Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
Solution: N/A - Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 198.71.241.44
Host Name: a2plcpnl0768.prod.iad2.secureserver.net
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR: 198.71.241.44
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: https://buildingcleaningservice.com.au/testimonials/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%20318%2093%3E%3C/svg%3E
REQUEST_URI: /testimonials/data:image/svg+xml,%3Csvg%20xmlns=http:/www.w3.org/2000/svg%20viewBox=0%200%20318%2093%3E%3C/svg%3E
QUERY_STRING:
HTTP_USER_AGENT: WordPress/6.0.2; https://forum.ait-pro.com
    September 28, 2022 at 6:29 am #42144
    AITpro Admin
    Keymaster

    If you try to go to that URL you will see a 403 0r 404 error because that is not a valid URL.  You can do the BPS troubleshooting steps to figure out if BPS is actually blocking something > https://forum.ait-pro.com/forums/topic/read-me-first-free/#bps-free-general-troubleshooting Note: The User Agent is this forum site, not the Google Crawler or another Crawler.

    Additional Note: data:image is served from the Source Code of a website page.  It is not requested via URL’s.

  • Author
    Posts
Viewing 4 posts - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.