Nextgen Gallery 403 error
Tagged: NextGen, NextGen Gallery, Plugin Firewall
- This topic has 37 replies, 4 voices, and was last updated 3 years, 10 months ago by
Alex Laxton.
Art
Participant
Hi Ed,
What settings can you recommend for whitelisting nextgen gallery? When I click Manage Gallery on my site (thegrotonline.com), I’m getting a 403.
Thanks,
Art
AITpro Admin
Keymaster
Check the BPS Pro Security Log and post the error that is related to Nextgen.
Art
Participant
The log:
>>>>>>>>>>> 403 GET or Other Request Error Logged - July 31, 2013 - 12:46 pm <<<<<<<<<<<
REMOTE_ADDR: 66.249.75.97
Host Name: crawl-66-249-75-97.googlebot.com
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR: 66.249.75.97
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER:
REQUEST_URI: /wp-content/plugins/nextgen-gallery/xml/media-rss.php?gid=168&mode=gallery
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
I had added /nextgen-gallery/js/(.*).js to the whitelist area.
AITpro Admin
Keymaster
The Plugin Firewall whitelist rule for this file/script would be this: /nextgen-gallery/xml/media-rss.php
Click the Plugin Firewall menu link, click on the Firewall Whitelist Tools accordion tab, add this plugin whitelist rule below into the Plugins Script/File Whitelist Text Area, click the Save Whitelist Options button and activate the Plugin Firewall again.
/nextgen-gallery/xml/media-rss.php
Plugin whitelist rules MUST use this general (not literal) format: /plugin-folder-name/plugin-script.js, /another-plugin-folder-name/another-plugin-script.js Plugin Firewall whitelist rules MUST be separated by a comma and a space between each whitelist rule.
Reference/Source: http://forum.ait-pro.com/forums/topic/plugin-firewall-read-me-first-troubleshooting/
Glasairmell
Participant
[Topic has been merged into this similar Topic]
Certain Nextgen gallery .js scripts are being blocked by the BPS pro firewall even though they are in the white list. This causes galleries not to load. As a last ditch effort I added the affected plugin directory to the Plugin over ride.
The wp_bpspro_pfw_override table is being created in the db with and the .htaccess file date is changing in the plugin directory but no information is being put there and the problem continues to occur. Yes I have restarted the firewall, cleared caches and tried various ideas.
I have other WordPress sites that I installed BPS pro on however let’s just work with this one to start with.
Perhaps it is something simple I am overlooking however BPS can be a time sink and steep learning curve on nagging issues like this.
Cheers!
AITpro Admin
Keymaster
@ Glasairmell – this is an older topic, but to keep things organized with relevant things I have merged your topic into this similar topic.
Post your Plugin Firewall whitelist rules from the Plugin Firewall Whitelist Text Area. Are you using a Minify plugin or doing anything with automated minification on this website?
AITpro Admin
Keymaster
Looks like this is the site with NextGen problems: ca-xxxxx.us.
When I scan the site remotely with the BPS Pro cURL Scan Pro-Tool these are the scan results/plugin script whitelist rules:
/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/ajax.js, /nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/persist.js, /nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/store.js, /nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/ngg_store.js, /nextgen-gallery/products/photocrati_nextgen/modules/lightbox/static/lightbox_context.js, /contact-form-7/includes/js/jquery.form.min.js, /contact-form-7/includes/js/scripts.js, /nextgen-gallery/products/photocrati_nextgen/modules/nextgen_gallery_display/static/common.js, /nextgen-gallery/products/photocrati_nextgen/modules/nextgen_basic_gallery/static/thumbnails/nextgen_basic_thumbnails.js, /nextgen-gallery/products/photocrati_nextgen/modules/lightbox/static/shutter/shutter.js, /nextgen-gallery/products/photocrati_nextgen/modules/lightbox/static/shutter/nextgen_shutter.js
These whitelist rules above can be condensed using Regular Expression (Regex) code as shown below:
NextGen Gallery is a perfect example of a plugin where Regex code should be used. In the latest release of NextGen Gallery I believe at least 3 – 5 new frontloading js scripts were added to NextGen. The point is that if you use Regex then if new/more js scripts are added to NextGen in future releases (very likely at the rate js scripts are being added to NextGen) then they will already be whitelisted by using Regex Plugin Firewall whitelist rules.
/nextgen-gallery/products/photocrati_nextgen/modules/(.*).js, /contact-form-7/includes/js/jquery.form.min.js, /contact-form-7/includes/js/scripts.js
Glasairmell
Participant
The Log:
[403 GET / HEAD Request: September 10, 2014 - 4:28 pm]
Event Code: PFWR-PSBR-HPR
Solution: http://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: .105.54.1
Host Name: adsl--105-54-1.dsl.pltn13.sbcglobal.net
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: http://www.mysite.com/xxxx/nextgen-pro-lightbox-gallery/83931dbe4f28fe8b7709edbef370bc68
REQUEST_URI: /xxxx/wp-content/plugins/nextgen-gallery-plus/modules/nextgen_pro_lightbox_legacy/static/theme/galleria.nextgen_pro_lightbox.js
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (iPad; CPU OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53
White List:
whitelist rules copied locally and deleted
The galleria.nextgen_pro_lightbox.js I just added to the white list because it just showed up in the log file. Also the curl scan is not catching these scripts. Even when they are in the whitelist they show up on the error log.
However why should they even show up at all when this:
/home/XXXXX/domains/mysite.com/public_html/xxx/wp-content/plugins/nextgen-gallery-plus/.htaccess
is in the over ride table? And should not the override table be written to an .htaccess file?
Glasairmell
Participant
The site I am having problems with is xxxxx-land. No, I am not using a Minify plugin. Well, I will give the Regex code a go around then and get back to you. Thank you.
AITpro Admin
Keymaster
The override does not work on some plugins and we will probably remove the option. Ok for the reason stated above NextGen is a perfect example of a plugin that should have Regex whitelist rules.
Your whitelist rules look good. Let’s do some basic / simple things first.
1. Copy and paste the Plugin Firewall whitelist rules below to your Plugin Firewall Whitelist Text area and overwrite your existing whitelist rules.
2. Click the Save Whitelist Options button.
3. Click the Plugin Firewall BulletProof Mode Activate button.
/nextgen-gallery/products/photocrati_nextgen/modules/(.*).js, /nextgen_basic_gallery/static/(.*).js, /nextgen-gallery-plus/modules/(.*).js, /google-analyticator/external-tracking.min.js, /flash-video-player/swfobject.js, /contact-form-7/includes/js/(.*).js
Let me know when that is done so I can check this site remotely.
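
Added example (not part of the original posts and not BPS Pro code): a small Python audit that parses the whitelist text-area value posted above, checks the mandatory comma-and-space separator, and reports which rule covers each REQUEST_URI from the two Security Log entries in this thread. How BPS Pro compiles rules into .htaccess is not shown on this page, so the unanchored-regex matching is an assumption; the `strict` mode, the function names and the `data.json` path are constructed for illustration.

```python
import re

# Whitelist text-area value as posted in the thread (rules separated by ", ").
RULES = (
    "/nextgen-gallery/products/photocrati_nextgen/modules/(.*).js, "
    "/nextgen_basic_gallery/static/(.*).js, "
    "/nextgen-gallery-plus/modules/(.*).js, "
    "/google-analyticator/external-tracking.min.js, "
    "/flash-video-player/swfobject.js, "
    "/contact-form-7/includes/js/(.*).js"
)
# REQUEST_URI values copied from the two Security Log entries in the thread.
LOGGED_URIS = [
    "/wp-content/plugins/nextgen-gallery/xml/media-rss.php?gid=168&mode=gallery",
    "/xxxx/wp-content/plugins/nextgen-gallery-plus/modules/nextgen_pro_lightbox_legacy/static/theme/galleria.nextgen_pro_lightbox.js",
]
# Constructed path (not from the thread) used to show how broad "(.*).js" is.
CONSTRUCTED_URI = "/wp-content/plugins/nextgen-gallery-plus/modules/demo/data.json"

def parse_rules(text):
    """Split on the required ', ' separator and reject malformed entries."""
    rules = [r for r in text.split(", ") if r]
    bad = [r for r in rules if not r.startswith("/") or "," in r or r != r.strip()]
    if bad:
        raise ValueError(f"malformed rule(s), check the ', ' separators: {bad}")
    return rules

def plugin_path(request_uri):
    """Path below /wp-content/plugins with the query string removed, or None."""
    path = request_uri.split("?", 1)[0]
    marker = "/wp-content/plugins"
    idx = path.find(marker)
    return path[idx + len(marker):] if idx != -1 else None

def matching_rule(request_uri, rules, strict=False):
    """Return the first rule covering the URI, else None.
    strict=False: ASSUMPTION, the rule is applied as an unanchored regex.
    strict=True: dots outside '(.*)' are literal and the match must reach the end."""
    path = plugin_path(request_uri)
    if path is None:
        return None
    for rule in rules:
        if strict:
            pattern = "(.*)".join(re.escape(p) for p in rule.split("(.*)")) + r"\Z"
        else:
            pattern = rule
        if re.search(pattern, path):
            return rule
    return None

if __name__ == "__main__":
    for uri in LOGGED_URIS + [CONSTRUCTED_URI]:
        print(uri, "->", matching_rule(uri, parse_rules(RULES)))
```

Under these assumptions the media-rss.php request is covered by none of the six rules and still needs the literal rule given earlier in the thread, and the unescaped dot in `(.*).js` also covers the constructed `.json` path unless the rule is read strictly.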
AITpro Admin
Keymaster
Ok was checking the site and both the Slide show and the static gallery just started working normally.
Glasairmell
Participant
Ok that is done. By the way the same problem is happening with woocommerce on the perform site. When this is resolved here I will use what I have learned on the other problem sites. Even though there is a steep learning curve here I feel BulletProof is the best option out there along with Wordfence. I appreciate the extreme amount of work you have put into it.
With Wordfence I could not use its caching system because the .htaccess file kept getting called. Not a big deal I guess using super cache instead.
Thank you.
AITpro Admin
Keymaster
The Plugin Firewall is the most complex thing in BPS Pro that we are still working on to make it better, adding more error checks, self healing capabilities and of course more automation. What we need to do is add some sort of automated “flush” that would have automatically fixed this type of problem. We do not see this exact problem very often, but it does happen from time to time and for whatever reason that we have yet to figure out. The steps to fix this issue/problem are always just delete and activate the Plugin Firewall again which is a manual “flush”.
FYI – this image file name is funky and is showing up as a 404 error when I check the gallery. Obviously the file name is not valid.
/german-shepherds/wp-content/gallery/studs/quartz-vom-haus-r%c3%b6hner_0.jpg
Glasairmell
Participant
OK thank you for. Security log errors gone. Keep up the great work.
Glasairmell
Participant
What do I do in this situation where the .js files are in their own directory?
/tinymce-advanced/mce/nonbreaking/(.*).js, /plugins/tinymce-advanced/mce/anchor/(.*).js, /tinymce-advanced/mce/print/(.*).js, /tinymce-advanced/mce/insertdatetime/(.*).js, /tinymce-advanced/mce/searchreplace/(.*).js, /tinymce-advanced/mce/code/(.*).js, /tinymce-advanced/mce/table/(.*).js, /tinymce-advanced/mce/advlist/(.*).js, /tinymce-advanced/mce/emoticons/(.*).js, /tinymce-advanced/mce/visualblocks/(.*).js, /tinymce-advanced/mce/visualchars/(.*).js, /tinymce-advanced/mce/wptadv/(.*).js