Incapsula – Error: Your Whitelist rules have a /bulletproof-security/admin/js/ script whitelisted

[Living Miracles]

Gotcha! Thank you very much! Yes, our host isn’t wpengine. We’re actually using several different hosts (SiteGround Cloud Hosting, GoDaddy dedicated server, GoDaddy Managed WordPress) and they’re all reporting these 405 HEAD requests from Uptime Robot. Now, we do use Uptime Robot as a separate service as well as ManageWP (which offers uptime monitoring).

[AITpro Admin]

Ok so you can try allowing HEAD Requests from only Uptimerobot IP addresses/host servers.  If that does not work then you would need to allow all HEAD Requests.  Whitelisting Multiple Uptimerobot IP address would be done like this:

RewriteCond %{REMOTE_ADDR} !^(xxx.xxx.[0-9]{1,3}.[0-9]{1,3}|xxx.xxx.[0-9]{1,3}.[0-9]{1,3}|xxx.xxx.[0-9]{1,3}.[0-9]{1,3})$

Or using this condensed condition:

RewriteCond %{REMOTE_ADDR} !^(xxx.xxx.|xxx.xxx.|xxx.xxx.)[0-9]{1,3}.[0-9]{1,3}$

Uptime Robot IPv4 and IPv6 IP addresses:

# Uptime Robot IPv6 IP addresses
RewriteCond %{REMOTE_ADDR} !^(2604:a880[:\d\w]+|2607:ff68:107[:\d\w]+|2a03:b0c0[:\d\w]+)$ [NC]
# Uptime Robot IPv4 IP addresses
RewriteCond %{REMOTE_ADDR} !^(216.144.|69.162.|63.143.|46.137.|46.101.|122.248.|188.226.|178.62.|54.79.|54.94.|54.67.|54.64.|104.131.|159.203.)[0-9]{1,3}.[0-9]{1,3}$

[Living Miracles]

Thank you! Really appreciate that. I’m assuming the “[0-9]{1,3}.[0-9]{1,3}” allows for IP ranges? Is there any way I could use CIDR blocks in the code you provided? Like 69.162.124.226/31 for example?

[AITpro Admin]

You only need to check the first 2 octets of an IP address assuming those will never change.  [0-9]{1,3} matches numbers 0 to 9 and the range is 1 to 3 numbers.  CIDR IP blocks would not be appropriate for this usage since you would then need to use Allow and Deny directives.

[Living Miracles]

Ok, thanks so much!!! All clear!

[Author]

Posts