Home › Forums › BulletProof Security Free › AdSpeed Ad Server 403 error
Tagged: 403 error, AdSpeed, AdSpeed Ad Server
- This topic has 18 replies, 2 voices, and was last updated 9 years, 3 months ago by
AITpro Admin.
-
AuthorPosts
-
Kane Leins
ParticipantI am using the AdSpeed plug in to serve ads from my ad server (AdSpeed), and I have tried hardcoding in the propper object embed tags to display flash ads as well, with no success. Flash ads will not load and I get a 403 in the console each time. Below is the log from your security log tab in my admin pannel. I suspect this has somethig to do with an .htaccess file, I have changed permissions to 404 in the /public_html level of my server, there is no .htaccess above it. Can you please help me figure out how to ‘whitelist’ this traffic so flash ads can be servered? They are staged on the same server, so there should be no cross domain issues, I know the AdSpeed set up is working as I use it on several other sites with no issues, however this is the only WP site that usese it.
Thank you,Kane
>>>>>>>>>>> 403 GET or Other Request Error Logged - February 13, 2014 4:57 pm <<<<<<<<<<< REMOTE_ADDR: 50.134.140.221 Host Name: c-50-134-140-221.hsd1.co.comcast.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http://www.adspeed.com/Ads/preview.html?id=189275 REQUEST_URI: /bannerAds/TradersPlatform/TradersPlatform_BannerAdCT_728x90.swf?clickTAG=http%3A%2F%2Fg.adspeed.net%2Fad.php%3Fdo%3Dclk%26aid%3D189275%26t%3D1392310615%26auth%3D228e070e725d7523d2cc2739bc52137e&TargetAS=_top QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.107 Safari/537.36
AITpro Admin
KeymasterAre you using this WordPress plugin – AdSpeed Ad Server or are you using AdSpeed Ad Server as a 3rd Party application installed in its own folder? /bannerAds/TradersPlatform/ is this folder path where AdSpeed Ad Server is installed as a 3rd Party Application?
AITpro Admin
KeymasterI see that that you stated you are using the WordPress AdSpeed Ad Server plugin. Sorry, I missed that when I first read your post. I will test this plugin and post my results back here. I am still curious as to what this folder is: /bannerAds/TradersPlatform/
AITpro Admin
KeymasterProbably the simplest way to whitelist this would be to whitelist the adspeed domains as shown below. I am using the ait-pro.com as an example. You would use your domain name instead of course.
1. Copy this code below to BPS Custom Code (or copy the TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE section of code from your root .htaccess file and make the modifications shown below in BPS Custom Code) to this BPS Custom Code text box: CUSTOM CODE TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE: Add additional Referers and/or misc file names
2. Click the Save Root Custom Code button.
3. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.IMPORTANT!!!: Edit the code below after copying it to BPS Custom Code and replace “ait-pro.com” with your actual website domain name.
# TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE # Use BPS Custom Code to modify/edit/change this code and to save it permanently. # Remote File Inclusion (RFI) security rules # Note: Only whitelist your additional domains or files if needed - do not whitelist hacker domains or files RewriteCond %{QUERY_STRING} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC,OR] RewriteCond %{THE_REQUEST} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC] RewriteRule .* index.php [F] # # Example: Whitelist additional misc files: (example\.php|another-file\.php|phpthumb\.php|thumb\.php|thumbs\.php) RewriteCond %{REQUEST_URI} (timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC] # Example: Whitelist additional website domains: RewriteCond %{HTTP_REFERER} ^.*(YourWebsite.com|AnotherWebsite.com).* RewriteCond %{HTTP_REFERER} ^(.*ait-pro.com.*|.*adspeed.com.*|.*adspeed.net.*) RewriteRule . - [S=1]
AITpro Admin
KeymasterOops you would also need to make this modification to the Request URI rule/code.
RewriteCond %{REQUEST_URI} (TradersPlatform_BannerAdCT_728x90\.swf|timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC]
Or if you have several different flash ads/files then you could do this to whitelist all of them. Or if you only have a few of them then you could add each swf filename.
RewriteCond %{REQUEST_URI} (.*\.swf|timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC]
Kane Leins
ParticipantThis was the response from AdSpeed
Thank you for your message and the details. This is your web host blocking the SWF file when it is embedded with clickTAG (an online advertising’s standard to track clicks for all Flash/SWF ads). Please see section “False Alarm with mod_security Firewall” on this page:
http://www.adspeed.com/Knowledges/1130/Problems_Ad_Serving/howto_troubleshoot_clickTAG_issues_Flash_ad.htmlThis is the URL format being blocked:
http://www.futuresportal.com/bannerAds/AlgoNinja/AlgoNinja_240x400.swf?clickTAG=http://example.com
Solution: You can ask your web host to add an exception to SWF files or subscribe to our Fast Delivery add-on to upload SWF ads directly to our ad servers.
Ill try the solutions you provided, there will be a large number of ads so doing them one by one is out of the question. Any further advice is much appreciated. Also, I tried responding earlier via iOS, site is definitely not mobile friendly.
Kane Leins
ParticipantI h ave followed you instructions to a ‘T’ and have had no viable results. I have also tried 3 times to submit a responsc, with no luck. What can I provide to get this solved?
AITpro Admin
KeymasterWhat is this path – /bannerAds/TradersPlatform/ ? It appears to be a folder outside of WordPress? Is that correct?
AITpro Admin
KeymasterAlso looking at the AdSpeed Ad Server code it looks like you will also need to add a plugin skip/bypass rule to Custom Code.
1. Copy this code below to this BPS Custom Code text box:
2. Click the Save Root Custom Code button.
3. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.# AdSpeed Ad Server skip/bypass RewriteCond %{REQUEST_URI} ^/wp-content/plugins/adspeed-ad-server/ [NC] RewriteRule . - [S=13]
Kane Leins
Participantyes it is on the same server as the WP install, it is just outside of it. I store all our banner ads there, and in AdSpeed i use the absolute path’s to serve the ad. So it is hosted on our server (with WP install but outside it) and called/served by the AdSpeed server.
AITpro Admin
KeymasterOk then this actually falls under a 3rd Party application condition since the folder is outside of WordPress.
1. Copy this code below to this BPS Custom Code text box:
2. Click the Save Root Custom Code button.
3. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.# WP REWRITE LOOP START RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] # RewriteRule for Custom 3rd Party Apps outside of WP RewriteRule ^bannerAds/ - [L]
AITpro Admin
KeymasterIt is actually very likely that you will need to use both the plugin skip/bypass rule and the 3rd Party app RewriteRule since the plugin will need to be allowed to do what it needs to do back and forth between its plugin folder and the folder outside of WordPress.
Kane Leins
ParticipantHow did you guys overlook something like 3rd party ad serving and make this so damn complicated? So basically have to do all steps on this thread starting from the top. Again. I have done everything you stated and nothing works.
AITpro Admin
KeymasterI don’t really understand your question? You have a complex and unique setup/scenario so it requires a more complex solution. I think that is what you are asking?
Another simple option is to add a RewriteEngine Off .htaccess file in the /bannerAds/ folder.
Use Notepad or Notepad++.
Create a text file and add the 1 line of .htaccess code below.RewriteEngine Off
Save the file with this name: securityoff.htaccess.
Upload the securityoff.htaccess file to the /bannerAds/ folder and rename it to just .htaccess.Kane Leins
Participantadded the .htaccess to the /bannerAds/ directory and still nothing. Im at a loss.
-
AuthorPosts
- You must be logged in to reply to this topic.