Restrict Content Pro – Registration form 403 error

Home Forums BulletProof Security Pro Restrict Content Pro – Registration form 403 error

Tagged: 

This topic contains 5 replies, has 2 voices, and was last updated by  AITpro Admin 10 months, 3 weeks ago.

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #33890

    Living Miracles
    Participant

    Hi,

    I just got an email from someone trying to sign up to our subscription-based website, https://acim.me, saying that they couldn’t complete the registration process. They got the following error:
    acim.me
    403 Forbidden Error Page
    If you arrived here due to a search or clicking on a link click your Browser’s back button to return to the previous page. Thank you.

    I tried it myself as well, and then checked the PHP error log; here’s what it says:

    IP Address: 213.205.194.213

    [403 POST Request: August 23, 2017 - 1:21 pm]
    BPS Pro: 13.2
    WP: 4.8.1
    Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
    Solution: N/A - Hacker/Spammer Blocked/Forbidden
    REMOTE_ADDR: 216.117.232.13
    Host Name: d216-117-232-13.allwest.net
    SERVER_PROTOCOL: HTTP/1.0
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: POST
    HTTP_REFERER: https://acim.me/membership/
    REQUEST_URI: /membership/
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.101 Safari/537.36
    REQUEST BODY: BPS Security Log option set to: Do Not Log POST Request Body Data

    Could you help me resolve this swiftly, please?

    Thank you!

    #33891

    AITpro Admin
    Keymaster

    The 403 error is a generic web host server error message and not the BPS 403 template error page.  That problem is most likely caused by the Autooptimize plugin that you have installed.  I see that you are compressing/minifying your Source Code, which means that you cannot use the BPS Pro Plugin Firewall feature since .js compression/minification breaks the BPS Pro Plugin Firewall.

    To isolate exactly what is causing the problem you need to factor in these 2 things for BPS Pro:
    If you are using the BPS POST Attack Protection Bonus Custom Code then you need to create a whitelist rule for the Restrict Content Pro Registration form POST Request.
    If you are using the BPS Brute Force Login attack protection Bonus Custom Code that blocks Server Protocal HTTP/1.0 then you will need to delete it from Custom Code > The Server Protocol logged in the Security Log entry is:  SERVER_PROTOCOL: HTTP/1.0 and not HTTP/1.1.

    Ok so now you want to do the standard BPS Pro troubleshooting steps to confirm or eliminate that BPS is causing the problem and to isolate where the problem is occurring.  The logical troubleshooting steps to use are: 1, 2, 3, 6 and 7.

    BPS Pro Troubleshooting steps:  https://forum.ait-pro.com/forums/topic/read-me-first-pro/#bps-pro-general-troubleshooting

    #33892

    Living Miracles
    Participant

    Hi,

    This isn’t the BPS Pro 403 error page?? http://i.imgur.com/e70Q8gp.png

    #33893

    AITpro Admin
    Keymaster

    Oops yep it is.  Continue with BPS Pro troubleshooting steps and let me know what you find out.

    #33894

    Living Miracles
    Participant

    Heh, ok 🙂 Cool, I just added /membership/ to our POST request attack code and everything’s working!

    Thanks!

    #33895

    AITpro Admin
    Keymaster

    Great!

Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.