Home › Forums › BulletProof Security Pro › Plugin Conflicts, Actively Blocked Plugins, Plugin Compatibility
- This topic has 31 replies, 10 voices, and was last updated 1 year, 3 months ago by
Aashi Garg.
-
AuthorPosts
-
AITpro Admin
Keymaster@ murrysim – Just run the Pre-Installation Wizard and Setup Wizard again on each site to fix that issue. The Setup Wizard will automatically create an AutoRestore exclude rule for the root htaccess file.
murraysim
ParticipantOk I will try that thank you, though I am pretty sure that has been run many times and it still happens. I will run it on this site and make a note of dates and see if it continues. Much obliged 🙂
murraysim
ParticipantHi, I just checked one of my sites and it has a bunch of wflog files in quarantine, yet it seems I had already done the
auto restore exclude wflogs thing previously? How can that be?
Here is the log of that site:
[BPS Pro 16.7: wp-content File Quarantine Logged: June 5, 2022 4:32 am]
Quarantined Filename: config-livewaf.php
Quarantine Path: /home/bcals/public_html/wp-content/bps-backup/quarantine/wp-content/wflogs/config-livewaf.php
Restore Path: /home/bcals/public_html/wp-content/wflogs/config-livewaf.php[BPS Pro 16.7: wp-content File Quarantine Logged: June 5, 2022 4:32 am]
Quarantined Filename: ips.php
Quarantine Path: /home/bcals/public_html/wp-content/bps-backup/quarantine/wp-content/wflogs/ips.php
Restore Path: /home/bcals/public_html/wp-content/wflogs/ips.php[BPS Pro 16.7: wp-content File Quarantine Logged: June 5, 2022 4:32 am]
Quarantined Filename: config.php
Quarantine Path: /home/bcals/public_html/wp-content/bps-backup/quarantine/wp-content/wflogs/config.php
Restore Path: /home/bcals/public_html/wp-content/wflogs/config.php[BPS Pro 16.7: wp-content File Quarantine Logged: June 5, 2022 4:32 am]
Quarantined Filename: attack-data.php
Quarantine Path: /home/bcals/public_html/wp-content/bps-backup/quarantine/wp-content/wflogs/attack-data.php
Restore Path: /home/bcals/public_html/wp-content/wflogs/attack-data.php[BPS Pro 16.7: wp-content File Quarantine Logged: June 5, 2022 4:32 am]
Quarantined Filename: config-transient.php
Quarantine Path: /home/bcals/public_html/wp-content/bps-backup/quarantine/wp-content/wflogs/config-transient.php
Restore Path: /home/bcals/public_html/wp-content/wflogs/config-transient.php[BPS Pro 16.7: wp-content File Quarantine Logged: June 5, 2022 4:32 am]
Quarantined Filename: .htaccess
Quarantine Path: /home/bcals/public_html/wp-content/bps-backup/quarantine/wp-content/wflogs/.htaccess
Restore Path: /home/bcals/public_html/wp-content/wflogs/.htaccess[BPS Pro 16.7: wp-content File Quarantine Logged: June 5, 2022 4:32 am]
Quarantined Filename: template.php
Quarantine Path: /home/bcals/public_html/wp-content/bps-backup/quarantine/wp-content/wflogs/template.php
Restore Path: /home/bcals/public_html/wp-content/wflogs/template.php[BPS Pro 16.7: wp-content File Quarantine Logged: June 5, 2022 4:32 am]
Quarantined Filename: rules.php
Quarantine Path: /home/bcals/public_html/wp-content/bps-backup/quarantine/wp-content/wflogs/rules.php
Restore Path: /home/bcals/public_html/wp-content/wflogs/rules.php[BPS Pro 16.7: wp-content File Quarantine Logged: June 5, 2022 4:32 am]
Quarantined Filename: config-synced.php
Quarantine Path: /home/bcals/public_html/wp-content/bps-backup/quarantine/wp-content/wflogs/config-synced.php
Restore Path: /home/bcals/public_html/wp-content/wflogs/config-synced.phpAITpro Admin
Keymaster@ murrysim – The timestamp for the log entries is June 5. So those are older log entries. Double check that you have done the steps below correctly to exclude the wflogs wp-content folder. If there is still a problem then send me a WordPress Administrator login to your site to: info@ait-pro.com.
1. Go to AutoRestore > Exclude wp-content Folders tab page.
2. Enter “Exclude wflogs Folder” for the label.
3. Enter: wflogs for the folder name to exclude. Note: Do not add any slashes or any other folder path information. Just enter the folder name.
4. Click the Save Folder Exclude Rules button.
5. Go to Quarantine and restore all the wflogs files from Quarantine.Neha gi
ParticipantStep 1: Clear Your Browser Cache. As simple as it might appear, clearing your browser’s cache can help sort out this problem.
Step 2: Consider Creating a Staging Site.
Step 3: Switch to WordPress Default Theme.
Step 4: Deactivate Your Plugins.
Step 5: Reactivate The Plugins.David Langston
ParticipantHello,
After removing WP Cerber and running the setup wizard in BPS Pro, I keep getting this error in the PHP logs:
[08-Nov-2022 12:05:18 UTC] Cron unschedule event error for hook: cerber_scheduled_hash, Error code: could_not_set, Error message: The cron event list could not be saved., Data: {“schedule”:false,”args”:[“\/home\/dynamowmoles\/public_html\/wp-content\/uploads\/wp-cerber-5XZD8MEUGQYSH042P6I7\/tmp\/all-in-one-wp-migration-unlimited-extension.zip”]}
[08-Nov-2022 12:05:18 UTC] PHP Warning: Cannot modify header information – headers already sent in /home/flowgoyoyo/public_html/wp-content/plugins/litespeed-cache/src/vary.cls.php on line 735Can you advise how I can get rid of this?
Many thanks!
David Langston
ParticipantHello,
I sorted my issue above using Advanced Cron Manager
Many thanks!
David Langston
ParticipantActually, I still can’t remove the cerber_scheduled_hash cron. It comes straight back even with the plugin removed. Any ideas would be great! Many thanks!
AITpro Admin
KeymasterFirst purge/delete all plugin cache (LiteSpeed, etc). Next go to the BPS Pro > Tools > Scheduled Crons tool > click the Reset|Clear All Cron Jobs button.
David Langston
ParticipantMany thanks, that worked.
Any ideas on how to fix this one?
[08-Nov-2022 13:37:45 UTC] PHP Warning: Cannot modify header information – headers already sent in /home/flowgoyoyo/public_html/wp-content/plugins/litespeed-cache/src/vary.cls.php on line 735
AITpro Admin
Keymaster“headers already sent” errors are usually caused by using the WP_DEBUG constant in your wp-config.php file (ironic, but is the nature of the debugging beast). Check your wp-config.php file and if WP_DEBUG is set to true then change it to false:
define('WP_DEBUG', false);
. Important Note: make sure there is no whitespace after “define”. Should bedefine(
and notdefine (
Iris
ParticipantHi BPS Pro,
For the last few days I have not been able to update changes in Google’s Consol to existing, indexed URLs on my site. When I click ‘Live Test’ following the URL Inspection it returns ‘URL is not available to Google’, Page cannot be indexed: <span class=”ni9zg”>Blocked due to access forbidden (403). </span>
<span class=”ni9zg”>I have never had this happen before when updating existing content. I haven’t made any other changes. </span>All is fine, green, on the usual URL Inspection but not when I click ‘Live Test’, red.
On checking my BPS Pro Security Log I noted the entry below. It appears that BPS Pro is blocking the Googlebot. Recently I learnt that Google has now added a Google-Inspection Tool to Google User Agents and I note the user-agent was Google-InspectionTool/1.0.
I have contacted my host provider who said the ‘permissions are all set’ and something about mod-security I don’t understand, being a novice, not a developer.
Please would you mind letting me know a solution or whitelist rule that I can put in the Custom Code to allow, whitelist the Google-Inspection Tool access and so stop it from being blocked?
Thank you for your time.
[403 GET Request: 18 May 2023 - 7:47 am] BPS Pro: 17.2 WP: 6.2.1 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 66.249.68.42 Host Name: crawl-66-249-68-42.googlebot.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /tag/mistake/ QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (compatible; Google-InspectionTool/1.0;)
AITpro Admin
KeymasterI just tested Google Search Console > Url Inspection > Live Test on this forum url and it was not blocked https://forum.ait-pro.com/wp-content/uploads/2023/05/live-test.png. The BPS Security Log logs all 403 errors whether or not BPS is blocking something. ModSecurity could be blocking this or if you have added additional custom htaccess code in your root htaccess file then that could be causing the block. Post a link to the url that is having issues so I can check it. You can also do BPS troubleshooting steps to confirm, eliminate or isolate problems.
BPS troubleshooting steps > https://forum.ait-pro.com/forums/topic/read-me-first-free/#bps-free-general-troubleshooting
BPS Pro troubleshooting steps > https://forum.ait-pro.com/forums/topic/read-me-first-pro/#bps-pro-general-troubleshooting
Iris
ParticipantThank you for your prompt reply, much appreciated. Sorry, I don’t know how to do the live tests on the forum and so send links.
I am still having problems. For example this existing, indexed url https://willshub.com.au/tenancy/ is still being blocked on live-testing due to forbidden access (403) as are six or more others, likely more. Another message was a ‘failed server connection error’.
I don’t understand anything about ModSecurity and would not know if the additional custom code in my root htaccess was causing a problem or not. I do know that I have not changed anything or added anything to that and everything was working just fine until a few days ago. Until I have been able to make changes to content, inspect urls, live test and request indexing without issue.
Any assistance would be greatly appreciated and thank you for your time.
AITpro Admin
KeymasterI tested this user agent and made a request to your site > Mozilla/5.0 (compatible; Google-InspectionTool/1.0;) and it is not being blocked. I also used an online simulator to check urls with a Live Test google simulator and it was not blocked. I don’t see any problems when checking your site.
I see that you have Wordfence installed. Are you intentionally using country blocking? I see 503 errors for most countries except for Australia, US and some others > https://www.host-tracker.com/en/ic/3/b83dcc23-22b3-459f-8e36-da7543caa439. A 503 can also mean your host server is overloaded or has some problems.
I believe ModSecurity installed on your web host sever is blocking google IP addresses. Have your web host support techs check the ModSecurity error logs.
-
AuthorPosts
- You must be logged in to reply to this topic.