Phpinfo Viewer blocked by BPS Pro

Home Forums BulletProof Security Pro Phpinfo Viewer blocked by BPS Pro

This topic contains 3 replies, has 2 voices, and was last updated by  AITpro Admin 2 weeks ago.

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #37833

    Living Miracles
    Participant

    Hello,

    I was trying to access the Phpinfo Viewer on one of my SiteGround-hosted websites. Right now, I’m getting a 403 Forbidden Error Page. Below I’ve pasted the Security Log entry for this. Can you let me know what I can do so I can view the Phpinfo Viewer page without getting blocked by BPS Pro? I’ve got 5 other sites on this same server and I can access each site’s Phpinfo Viewer without a problem.

    [403 GET Request: September 5, 2019 - 10:47 am]
    BPS Pro: 14
    WP: 5.2.2
    Event Code: PFWR-PSBR-HPRA
    Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
    REMOTE_ADDR: 216.250.39.154
    Host Name: d216-250-39-154.allwest.net
    SERVER_PROTOCOL: HTTP/1.0
    HTTP_CLIENT_IP: 
    HTTP_FORWARDED: 
    HTTP_X_FORWARDED_FOR: 
    HTTP_X_CLUSTER_CLIENT_IP: 
    REQUEST_METHOD: GET
    HTTP_REFERER: https://example.com/wp-admin/admin.php?page=bulletproof-security%2Fadmin%2Fphp%2Fphp-options.php
    REQUEST_URI: /wp-content/plugins/bulletproof-security/admin/php/bps-phpinfo.php
    QUERY_STRING: 
    HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36
    
    

    By the way, I’m trying to troubleshoot the PHP mail() function or the WordPress wp_mail() function, since I’m not receiving emails from S-Monitor after we switched our hosting on SiteGround from a Cloud server to a Dedicated server.

    Thank you!
    Jutta

    #37834

    AITpro Admin
    Keymaster

    The BPS Security Log logs all 403 errors whether or not BPS is blocking something.  So if something else is blocking the PHP Info Viewer then BPS will log that 403 error.  If you turn Off Security Logging and try to use the PHP Info Viewer tool then instead of the BPS Security Log logging the error you should see a server error message, which may tell you more information about what is blocking the PHP Info Viewer or you may just see a default server 403 error message page.

    There is a new version of BPS Pro available:  14.1.  The Security Log entry shows that you have BPS Pro 14 installed.

    The Server Protocol is HTTP/1.0, which usually indicates that you are using a Proxy or Load Balancer, but the HTTP_X_FORWARDED_FOR Security Log field does not show a Proxy/Load Balancer IP address.  Are you using a Proxy or VPN Browser on your computer?

    You can test both PHP mail() and WordPress wp_mail() by using the S-Monitor > Simple Email Tests tool.  You should run the Setup Wizard if you have not done that already when you switched your hosting server.  If you are able to successfully send emails using the Simple Email Tests tool then the next thing to check would be WordPress standard crons.  ie if you have disabled WordPress standard crons then you will not receive emails from S-Monitor/BPS, unless you have setup a Direct Cron correctly.  Correctly being the key word here.  ie Direct Cron jobs should be set to run once per minute.  Any other time interval  is a mistake for Direct Cron jobs.

    There is another possible cause for the 403 error, but I need to know where Server Protocol HTTP/1.0 is coming from. ie your server/Proxy or your computer/Browser.

    #37835

    Living Miracles
    Participant

    Hi there,

    Thank you for the help. I’ve turned off Security Logging and can now successfully access the PHP Info Viewer. Can you explain why that would be? Does that mean BPS Pro is blocking something it shouldn’t?

    As for the mail issues I’m seeing, I’d like to share some more information. Like I said, I’ve got 6 WordPress sites on this new SiteGround Dedicated server. I did run the wizards right after migration to make sure everything was working properly. One of the sites is actually successfully sending mail (I’ve been getting all kinds of subscription-related emails as normal—it’s a subscription website) and the S-Monitor > Simple Email Tests tool works as well (I receive 2 emails when I run the test).

    For the other 5 sites, I have email forwarders set up with each domain (so that I can send and receive email from name@example.com, etc., for each site). Those email forwarders work fine, so it doesn’t seem there’s something wrong with the setup on my server in terms of the actual email forwarders—it simply seems that when email try to get send from the WordPress site, they do not work.

    Regarding you question: Are you using a Proxy or VPN Browser on your computer?
    I don’t believe so; I’m just using Google Chrome. No Proxy or VPN extension either.

    Regarding Crons:
    We do not have any custom setup for crons. Everything is using the standard WordPress crons.

    Thank you for any other information or troubleshooting steps you can provide!

    Jutta

    #37836

    AITpro Admin
    Keymaster

    Turning Security Logging On or Off would not affect the PHP Info viewer.  Turn Security Logging back On and check the PHP Info viewer tool.  What probably happened is that your IP address was not whitelisted yet on your first access attempt for the PHP Info viewer tool.

    My guess would be that the emails are being flagged as spam by something such as Spam Assassin installed on your web host.  Or maybe there is a problem with how you are doing email forwarding.  Can’t really offer any other suggestions.  This is probably something you will need to contact your web host about.

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.