Plugin Firewall general questions – outdated information – disregard

Home Forums BulletProof Security Pro Plugin Firewall general questions – outdated information – disregard

This topic contains 7 replies, has 3 voices, and was last updated by  Kouichi Sugawara 3 years, 7 months ago.

Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • #3612

    Deb
    Participant

    I don’t do much of any recoding of plugins (not my expertise). I deactivated ALL plugins but BPS Pro and still no CSS loading to get the menus and buttons — all is one long line of text. It had worked for a few rounds of saving settings after you restored all the plugins, but quickly disappeared. But from the 1st free install, they haven’t worked. I changed through all the themes and retested with other browsers as well. Still no CSS/nice menus and buttons. Any other ideas??

    #3620

    AITpro Admin
    Keymaster

    First what is the current status of the Plugin Firewall On, Test Mode or Off?  You will see the Status displayed at the top of BPS Pro pages/your Dashboard.

    This issue/problem most likely has to do with the Plugin Firewall.  Deactivate the Plugin Firewall and Refresh your Browser.  If this fixes the problem then you have invalid/incorrect plugin scripts in your Plugin Firewall Whitelist Text area.  Copy and paste your plugin script whitelist rules from the 

    #3635

    Deb
    Participant

    The status was Plugin Firewall = On.
    The status was AutoRestore = On.

    I did not see where to “deactivate the Plugin Firewall” so I put it into Test Mode=On and Saved Options. I set AutoRestore = Off. I refreshed all the browsers and the CSS menus are ON! The only scripts that are in the Whitelist areas are the ones you gave me. I clicked on the new Start Test Mode blue button and the pop up window to get that info and it reads this response:

    Forbidden
    You don't have permission to access /jamesedwards/wp-content/bps-backup/test-mode/PFW-TestMode.php on this server.
    Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.
    #3637

    Deb
    Participant

    I refreshed all the windows again looking for error alerts, there were none, so went BACK to Plugin Firewall area and hit the Start Test Mode blue button again and this time I see the blog to the left and an instructions window to the right. Here are the new Test Results. I’ll set it up again.

    /microaudio/microAudio.js.php, /i-love-social-bookmarking/includes/ilsb.js, /audio-player/assets/audio-player.js, /microaudio/jquery-1.3.js.php, /google-analyticator/external-tracking.min.js, /wordpress-seo/js/wp-seo-admin-global.js, /si-captcha-for-wordpress/captcha/securimage_show.php

    Everything is working now.

    #3639

    AITpro Admin
    Keymaster

    The Plugin Firewall is a bit tricky and is the most complex security measure in BPS Pro.  There are actually several different approaches you can use to get/find the plugin scripts that need to be added to the Plugin Firewall Whitelist, but Test Mode is supposed to be the easiest of them all.

    The plugins scripts that you posted above in your first post have an issue/problem so that what was causing the Plugin Firewall plugin scripts whitelist to fail.  If there is even one mistake in the plugin scripts whitelist rules then it will break/invalidate the entire Plugin Firewall Whitelist section in the Plugin Firewall .htaccess file.  There are several code cleanup functions that check the beginning and ending of the list of plugin scripts (add or remove whitespace and commas) in the whitelist text area, but in this case the error checking code would not have worked anyway because the issue/problem was in the middle of your plugin scripts – after/between – /google-analyticator/external-tracking.min.js and /si-captcha-for-wordpress/captcha/securimage_show.php.

    #8313

    AITpro Admin
    Keymaster

    The information in this Forum Topic is outdated and is no longer valid – please disregard it

    The new Setup Wizard would of course now be the simplest method and the cURL Multi page scanner has been beefed up so the Plugin Firewall Test Mode is now the least simple method to get plugin scripts that need to be whitelisted in the Plugin Firewall.

    #18769

    Kouichi Sugawara
    Participant

    Hi AITpro
    Refresh Status button

    In case of PFW off,
    I go to Activate Plugin Firewall Security Mode,
    Say as follow:

    1. Click the Save Whitelist Options button.
    2. Click the Plugin Firewall BulletProof Mode Activate button.
    3. Click the Refresh Status button below.

    I did not see Refresh Status button on step-3. Can I ignore this.

    #18770

    Kouichi Sugawara
    Participant

    Hi AITpro
    Refresh Status button

    I found Refresh Status Button, No Problem I have on this matter.

Viewing 8 posts - 1 through 8 (of 8 total)

You must be logged in to reply to this topic.