Topic: AdSpeed Ad Server 403 error | BulletProof Security Forum

AdSpeed Ad Server 403 error

Tagged: 403 error, AdSpeed, AdSpeed Ad Server

This topic has 18 replies, 2 voices, and was last updated 10 years, 2 months ago by AITpro Admin.

Viewing 15 posts - 1 through 15 (of 19 total)

1 2 →

Author

Posts
February 13, 2014 at 9:19 am #13091
Kane Leins
Participant
I am using the AdSpeed plug in to serve ads from my ad server (AdSpeed), and I have tried hardcoding in the propper object embed tags to display flash ads as well, with no success. Flash ads will not load and I get a 403 in the console each time. Below is the log from your security log tab in my admin pannel. I suspect this has somethig to do with an .htaccess file, I have changed permissions to 404 in the /public_html level of my server, there is no .htaccess above it. Can you please help me figure out how to ‘whitelist’ this traffic so flash ads can be servered? They are staged on the same server, so there should be no cross domain issues, I know the AdSpeed set up is working as I use it on several other sites with no issues, however this is the only WP site that usese it.
Thank you,

Kane
```
>>>>>>>>>>> 403 GET or Other Request Error Logged - February 13, 2014 4:57 pm <<<<<<<<<<<
REMOTE_ADDR: 50.134.140.221
Host Name: c-50-134-140-221.hsd1.co.comcast.net
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: http://www.adspeed.com/Ads/preview.html?id=189275
REQUEST_URI: /bannerAds/TradersPlatform/TradersPlatform_BannerAdCT_728x90.swf?clickTAG=http%3A%2F%2Fg.adspeed.net%2Fad.php%3Fdo%3Dclk%26aid%3D189275%26t%3D1392310615%26auth%3D228e070e725d7523d2cc2739bc52137e&TargetAS=_top
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.107 Safari/537.36
```
February 13, 2014 at 9:26 am #13092
AITpro Admin
Keymaster

Are you using this WordPress plugin – AdSpeed Ad Server or are you using AdSpeed Ad Server as a 3rd Party application installed in its own folder? /bannerAds/TradersPlatform/ is this folder path where AdSpeed Ad Server is installed as a 3rd Party Application?
February 13, 2014 at 9:39 am #13095
AITpro Admin
Keymaster

I see that that you stated you are using the WordPress AdSpeed Ad Server plugin. Sorry, I missed that when I first read your post. I will test this plugin and post my results back here. I am still curious as to what this folder is: /bannerAds/TradersPlatform/
February 13, 2014 at 9:59 am #13097
AITpro Admin
Keymaster
Probably the simplest way to whitelist this would be to whitelist the adspeed domains as shown below. I am using the ait-pro.com as an example. You would use your domain name instead of course.

1. Copy this code below to BPS Custom Code (or copy the TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE section of code from your root .htaccess file and make the modifications shown below in BPS Custom Code) to this BPS Custom Code text box: CUSTOM CODE TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE: Add additional Referers and/or misc file names
2. Click the Save Root Custom Code button.
3. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.

IMPORTANT!!!: Edit the code below after copying it to BPS Custom Code and replace “ait-pro.com” with your actual website domain name.
```
# TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE
# Use BPS Custom Code to modify/edit/change this code and to save it permanently.
# Remote File Inclusion (RFI) security rules
# Note: Only whitelist your additional domains or files if needed - do not whitelist hacker domains or files
RewriteCond %{QUERY_STRING} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC,OR]
RewriteCond %{THE_REQUEST} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC]
RewriteRule .* index.php [F]
# 
# Example: Whitelist additional misc files: (example\.php|another-file\.php|phpthumb\.php|thumb\.php|thumbs\.php)
RewriteCond %{REQUEST_URI} (timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC]
# Example: Whitelist additional website domains: RewriteCond %{HTTP_REFERER} ^.*(YourWebsite.com|AnotherWebsite.com).*
RewriteCond %{HTTP_REFERER} ^(.*ait-pro.com.*|.*adspeed.com.*|.*adspeed.net.*)
RewriteRule . - [S=1]
```
February 13, 2014 at 10:03 am #13098
AITpro Admin
Keymaster
Oops you would also need to make this modification to the Request URI rule/code.
```
RewriteCond %{REQUEST_URI} (TradersPlatform_BannerAdCT_728x90\.swf|timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC]
```
Or if you have several different flash ads/files then you could do this to whitelist all of them. Or if you only have a few of them then you could add each swf filename.
```
RewriteCond %{REQUEST_URI} (.*\.swf|timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC]
```
February 13, 2014 at 10:53 am #13104
Kane Leins
Participant
This was the response from AdSpeed
Thank you for your message and the details. This is your web host blocking the SWF file when it is embedded with clickTAG (an online advertising’s standard to track clicks for all Flash/SWF ads). Please see section “False Alarm with mod_security Firewall” on this page:
http://www.adspeed.com/Knowledges/1130/Problems_Ad_Serving/howto_troubleshoot_clickTAG_issues_Flash_ad.html

This is the URL format being blocked:
```
http://www.futuresportal.com/bannerAds/AlgoNinja/AlgoNinja_240x400.swf?clickTAG=http://example.com
```
Solution: You can ask your web host to add an exception to SWF files or subscribe to our Fast Delivery add-on to upload SWF ads directly to our ad servers.

Ill try the solutions you provided, there will be a large number of ads so doing them one by one is out of the question. Any further advice is much appreciated. Also, I tried responding earlier via iOS, site is definitely not mobile friendly.
February 13, 2014 at 1:11 pm #13105
Kane Leins
Participant

I h ave followed you instructions to a ‘T’ and have had no viable results. I have also tried 3 times to submit a responsc, with no luck. What can I provide to get this solved?
February 13, 2014 at 1:13 pm #13106
AITpro Admin
Keymaster

What is this path – /bannerAds/TradersPlatform/ ? It appears to be a folder outside of WordPress? Is that correct?
February 13, 2014 at 1:23 pm #13111
AITpro Admin
Keymaster
Also looking at the AdSpeed Ad Server code it looks like you will also need to add a plugin skip/bypass rule to Custom Code.

1. Copy this code below to this BPS Custom Code text box: CUSTOM CODE PLUGIN/THEME SKIP/BYPASS RULES:
2. Click the Save Root Custom Code button.
3. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.
```
# AdSpeed Ad Server skip/bypass
RewriteCond %{REQUEST_URI} ^/wp-content/plugins/adspeed-ad-server/ [NC]
RewriteRule . - [S=13]
```
February 13, 2014 at 1:23 pm #13112
Kane Leins
Participant

yes it is on the same server as the WP install, it is just outside of it. I store all our banner ads there, and in AdSpeed i use the absolute path’s to serve the ad. So it is hosted on our server (with WP install but outside it) and called/served by the AdSpeed server.
February 13, 2014 at 1:28 pm #13115
AITpro Admin
Keymaster
Ok then this actually falls under a 3rd Party application condition since the folder is outside of WordPress.

1. Copy this code below to this BPS Custom Code text box: CUSTOM CODE WP REWRITE LOOP START: Add www to non-www/non-www to www code here
2. Click the Save Root Custom Code button.
3. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.
```
# WP REWRITE LOOP START
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]

# RewriteRule for Custom 3rd Party Apps outside of WP
RewriteRule ^bannerAds/ - [L]
```
February 13, 2014 at 1:32 pm #13116
AITpro Admin
Keymaster

It is actually very likely that you will need to use both the plugin skip/bypass rule and the 3rd Party app RewriteRule since the plugin will need to be allowed to do what it needs to do back and forth between its plugin folder and the folder outside of WordPress.
February 13, 2014 at 1:35 pm #13117
Kane Leins
Participant

How did you guys overlook something like 3rd party ad serving and make this so damn complicated? So basically have to do all steps on this thread starting from the top. Again. I have done everything you stated and nothing works.
February 13, 2014 at 1:41 pm #13119
AITpro Admin
Keymaster
I don’t really understand your question? You have a complex and unique setup/scenario so it requires a more complex solution. I think that is what you are asking?

Another simple option is to add a RewriteEngine Off .htaccess file in the /bannerAds/ folder.

Use Notepad or Notepad++.
Create a text file and add the 1 line of .htaccess code below.
```
RewriteEngine Off
```
Save the file with this name: securityoff.htaccess.
Upload the securityoff.htaccess file to the /bannerAds/ folder and rename it to just .htaccess.
February 13, 2014 at 2:09 pm #13121
Kane Leins
Participant

added the .htaccess to the /bannerAds/ directory and still nothing. Im at a loss.
Author

Posts

Viewing 15 posts - 1 through 15 (of 19 total)

1 2 →

You must be logged in to reply to this topic.

BulletProof Security Forum

AdSpeed Ad Server 403 error

Search Forums

Topic Tags