Images via proxy not displayed in image slider

[AITpro Admin]

[Copied from the BPS free support forum]

https://wordpress.org/support/topic/firewall-pro?replies=2

I will try explain, not sure if i should post here or forum now with pro? After instal i got errors regards the whitelist it looked as so

/simple-share-buttons-adder/buttons/somacro/twitter.png" title="Twitter" class="ssba" alt="Tweet about this on Twitter" /></a><span class="ssba_sharecount">
0</span><a class="ssba_facebook_share" href="http://www.facebook.com/sharer.php, /master-slider/public/assets/js/jquery.easing.min.js, /master-slider/public/assets/js/masterslider.min.js

So not sure about the simple share but the rest i did as
/public/assets/js/jquery.easing.min.js, /master-slider/public/assets/js/masterslider.min.js

That was accepted so save and created plugin htaccess.
So that looked like

# BEGIN WHITELIST: Frontend Loading Website Plugin scripts/files
SetEnvIf Request_URI "/bulletproof-security/400.php$" whitelist
SetEnvIf Request_URI "/bulletproof-security/403.php$" whitelist
SetEnvIf Request_URI "/public/assets/js/jquery.easing.min.js$" whitelist
SetEnvIf Request_URI "/master-slider/public/assets/js/masterslider.min.js$" whitelist
# END WHITELIST

I still see no images via proxy in image slider and i get nothing in logs. when i visit page via proxy.
Also the twitter feed does not load or pinterest feed.
If i delete plugin htaccess, turn off PFw same situation via proxy.

If i try on someones mobile that has not visited site so no cache i see everything except the twitter feed and pinterest loading

Re htaccess plugins, if my ip changes will i get no access?  The other thing i see new is should i lock my WP root index and WP blog-header?  Sorry once i have done one site i,m sure i will progress from a monkey 😉 If i look in plugin htaccess i see

Order Allow,Deny
Allow from env=whitelist
Allow from hurstvillage.co.uk
Allow from 213.175.xxx.xxxx
# BEGIN PUBLIC IP
Allow from 86.139.xx.xxxx
# END PUBLIC IP
</FilesMatch>

[AITpro Admin]

Post the URL to this website so I can check the frontend of the website.

[Paul]

Sure
http://www.hurstvillage.co.uk/
Once i am happy with this , know what i,m doing i can move on to the site i really want it on.

The Photos were here: http://www.hurstvillage.co.uk/photos/

[AITpro Admin]

Ok I do not see any errors or problems occurring.  Turn on/activate the Plugin Firewall and turn On AutoPilot Mode if it is not turned on.  Let me know when that is done.

[Paul]

OK it is On http://awesomescreenshot.com/07f40zfmce

[AITpro Admin]

Hmm I just realized that you probably meant that you checked your website with an External Proxy and you were not saying the problem was with your website’s Proxy.  Most Proxies will not display things visually correct.  They typically block things like Slider images or other things of that nature.  Boom Proxy is one of the Proxies that I use for testing because it allows you to choose to see things that are normally blocked by most Proxies.  There are 2 checkboxes that you can uncheck if you use Boom Proxy:  Remove Scripts and Remove Objects.  By unchecking these checkboxes you can see these things, which are normally blocked in most Proxies.  Things will never display exactly the same in a Proxy since that is just what is with Proxies.

[Paul]

Yes i used that proxy as i see in videos you used it, unchecked boxes. so on photo page http://www.hurstvillage.co.uk/photos/ are you seeing http://awesomescreenshot.com/03240zfy84

This is what the pre installer found and showed in red

/simple-share-buttons-adder/buttons/somacro/twitter.png" title="Twitter" class="ssba" alt="Tweet about this on Twitter" /><span class="ssba_sharecount">
0</span>

[AITpro Admin]

I have checked your Slider and Pinterest plugins and everything is displaying correctly and I do not see any errors when using Google Chrome Developer Tools.  Everything looks fine to me.

Yes, the Wizards will do their best to extract valid Plugin Firewall whitelist rules, but if another plugin is generating/creating fubar Source Code then the Wizards may not be able to clean up that mess up created by another plugin.  Remove any junk code like what you posted above from the Plugin Firewall whitelist text area, which you have already done and then you can let AutoPilot Mode take it from there.

[Paul]

Cool.
So how do i test and know for sure everything works, given proxy blocks certain things and the pre test gives parts i don’t need?
Do i
A) only add things ending .js
b) use incognito in Chrome?
Assume logs are clear so must be working?
Do you recommend having AutoPilot Mode. on, so if i add plugins it gets whitelisted automatically or generates a code on logs?
And when at this stage turn caching back on.
AITpro Admin For your information i have email settings to be notified on, but not sending me any.
I also have Notify me of follow-up replies via email ticked

[AITpro Admin]

Testing using a Proxy is now outdated since the Plugin Firewall AutoPilot Mode was created.  You can still do that, but it is not necessary.  What is important to note is that AutoPilot will ALWAYS only create exactly correct Plugin Firewall whitelist rules since it works in a different way and does not have to look at mangled website Source Code to try and filter out what is valid and what is junk.

When you test using an External Proxy what you are looking for is new Security Log entries.  You can look at things visually generally, but you cannot consider them to be accurate when using a Proxy.  Proxies protect themselves and will automatically filter out things they do not want to loaded via their server.  Since AutoPilot Mode automatically detects and creates Plugin Firewall whitelist rules then you really do not need to check your site with a Proxy – AutoPilot Mode is 100% accurate.

You can leave cache on or off anytime.  The Plugin Firewall works with all caching plugins and methods so you do not need to do anything with caching regarding the Plugin Firewall.

Regarding the email issue I assume you mean that you are not receiving email notifications from this site.  Check your  Spam or junk email folder.  If that is not the problem then check with your web host to see if they are blocking/rejecting emails from Go Daddy.

[Paul]

Excellent, Nice being on the dark side (pro) lol
Mind bending all the things it does,
Hope you don’t mind more questions as and when if i struggle finding answers i can understand on forum.

Re Check your Spam or junk email folder.
No nothing in there, i just received your last post though but nothing else.
I,ll check re Go Daddy

[AITpro Admin]

Since I created this Topic maybe you need to Subscribe to it?  Try clicking the Subscribe link/button and see if that works.

[Paul]

I must be subscribed as i only have unsubscribe option. Received 2 email in total

[AITpro Admin]

What might be the issue is I clean up the thread as it goes along.  This is much better for future viewers of any Forum topic.  Ie I combine and cleanup forum replies that can be combined or cleaned up.  So in those cases I am deleting some replies after combining them, which may mean that you will not get an email?  In any case, since you are receiving some of them then it is not a mail server/host problem.

[Paul]

Yes probably.
Before i let you go 😉 Could you just give some feedback on very last part of the original post Re locking and my ip being in the plugin htaccess. (my ip changes like the wind)

[Author]

Posts