NextGen Gallery 2.0 Tutorial

Home Forums BulletProof Security Pro NextGen Gallery 2.0 Tutorial

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #28594
    rafaelmagic
    Participant

    Disregard|Obsolete: Plugin Firewall AutoPilot Mode automatically creates whitelist rules for NextGen Gallery. If you have BPS 1.2+ or BPS Pro 13+ versions installed: Setup Wizard AutoFix will automatically create a wp-admin skip/bypass rule for NextGen Gallery.

    Nextgen Gallery 2.0 Tutorial
    How to Whitelist NextGen Gallery in a few steps.
    Upon NextGen Gallery install/activation, BPS Pro should have picked up the Java (js) whitelist rules and added them automatically.
    However Nextgen needs a Admin Query whitelist and php file whitelist that have to be added manually.

    However use this guide to check.

    STEP 1
    Check your plugin firewall for the following Java (JS) Files:
    /nextgen-gallery/products/photocrati_nextgen/modules/frame_communication/static/frame_event_publisher.min.js
    /nextgen-gallery/products/photocrati_nextgen/modules/nextgen_admin/static/ngg_progressbar.min.js
    /nextgen-gallery/products/photocrati_nextgen/modules/nextgen_admin/static/gritter/gritter.min.js

    If some are missing you can use the BPS Pro cURL Scanner Pro-Tool to get all Plugin Firewall whitelist rules manually.
    Do these steps below and see if they fix whatever problem is going on with AutoPilot Mode:

    1. Go to the Plugin Firewall page.
    2. Click the Deactivate Plugin Firewall BulletProof button.
    3. Delete all of your Plugin Firewall whitelist rules out of the Plugins
    Script|File Whitelist Text Area.
    4. Click the Save Whitelist Options button.
    5. Click the Plugin Firewall Activate button.
    6. Turn on AutoPilot Mode to 1 minute.
    7. Clear your WordPress Cache, Browser Cache
    8. Check your site and click on all main website pages: contact form page, home page, login page, etc.
    9. Recheck the Plugins Script|File Whitelist Text Area and you should see new Plugin Firewall whitelist rules have been created.
    Check that the following files Java (js) files have been created by the Firewall plugin.

    STEP 2
    Or “Manually” Add the Java whitelist rules files or use the Wildcard.

    /nextgen-gallery/products/photocrati_nextgen/modules/frame_communication/static/frame_event_publisher.min.js, /nextgen-gallery/products/photocrati_nextgen/modules/nextgen_admin/static/ngg_progressbar.min.js, /nextgen-gallery/products/photocrati_nextgen/modules/nextgen_admin/static/gritter/gritter.min.js

    Plugin Firewall Manual Setup Steps
    1. Copy and paste plugin scripts/whitelist rules above to the Plugins Script|File Whitelist Text Area.
    2. Click the Save Whitelist Options button.
    3. Click the Plugin Firewall BulletProof Mode Activate button.

    Or

    Use the Java (js) Wild Cards:

    /nextgen-gallery/products/photocrati_nextgen/modules/(.*).js

    STEP 3
    Manually Add the following PHP file whitelist rules to Firewall Plugin or use the Wildcards rules

    /nextgen-gallery/products/photocrati_nextgen/modules/ngglegacy/admin/rotate.php, /nextgen-gallery/products/photocrati_nextgen/modules/ngglegacy/admin/edit-thumbnail.php, /nextgen-gallery/products/photocrati_nextgen/modules/ngglegacy/admin/showmeta.php

    Plugin Firewall Manual Setup Steps
    1. Copy and paste plugin scripts/whitelist rules above to the Plugins Script|File Whitelist Text Area.
    2. Click the Save Whitelist Options button.
    3. Click the Plugin Firewall Activate button.

    Or

    Use the Php Wild Cards:

    /nextgen-gallery/products/photocrati_nextgen/modules/ngglegacy/admin/(.*).php

    STEP 4
    Query String skip/bypass whitelist rule in Admin Firewall

    1. Copy the wp-admin plugin skip/bypass rule below to this BPS wp-admin Custom Code text box: CUSTOM CODE WPADMIN PLUGIN FIXES: Add ONLY WPADMIN personal plugin fixes code here

    NOTE: If you already have a wp-admin S=2 skip rule in use in Custom Code then make this skip rule S=3 and add it above skip rule S=2

    # NextGen Gallery Query String wp-admin skip/bypass rule
    RewriteCond %{QUERY_STRING} page=nggallery-manage-gallery(.*) [NC]
    RewriteRule . - [S=2]

    2. Click the Save wp-admin Custom Code button.
    3. Go to the BPS Security Modes page and activate wp-admin Folder BulletProof Mode.

    STEP 5
    NextGen Gallery With ARQ wp-content Whitelist
    Do these steps below to create an AutoRestore wp-content folder exclude rule for the NextGen Gallery 2.0  wp-content folders.
    You will be excluding files or folders from being checked by ARQ
    Nextgen by default creates a few folder in wp-content, of which the following have to be whitelisted: gallery
    wp-content/gallery
    gallery folder is the uploads folder where the pictures are kept in albums.

    1. Go to AutoRestore > click on the Exclude wp-content Folders tab page > type in the name gallery , then in the line below type in the name ngg_styles  (See Video linked below at minute 3 and 22 seconds)
    IMPORTANT: ONLY enter the name gallery without any forward or trailing slashes.
    Example: for the NextGen folder name is /gallery/ then you would enter: gallery without any forward or trailing slashes.
    2. Click all 3 buttons in order 1, 2, 3: 1. click the Save To DB button, click the 2. Create Filter button and click the 3. Exclude Folders Now button.

    Video Tutorial For How to exclude files or folders from being checked by ARQ at 3 minutes 22 seconds: http://forum.ait-pro.com/video-tutorials/#autorestore-quarantine

Viewing 1 post (of 1 total)
  • You must be logged in to reply to this topic.