One of more of your Plugin Firewall Whitelist rules are not valid
Tagged: not valid, Plugin Firewall, Whitelist Rules
- This topic has 32 replies, 6 voices, and was last updated 7 years, 7 months ago by AITpro Admin.
James Burden (Participant)
Hi – I’m installing BPS Pro on a website and have come up with the following problem:
On Pre-installation checks I get a red error message reading: “Error: One of more of your Plugin Firewall Whitelist rules are not valid”. I click the link to take me to fix the rules and in the whitelist text area I have the following:
/seedprod-coming-soon-pro/themes/default/bootstrap/js/bootstrap.js, /seedprod-coming-soon-pro/themes/default/js/jquery.fitvids.js, /seedprod-coming-soon-pro/themes/default/js/script.js, /seedprod-coming-soon-pro/themes/default/js/modernizr.min.js, /seedprod-coming-soon-pro/themes/default/js/dd_belatedpng.js
(This is a plugin already installed on the website)
I understand that the valid plugin Whitelist rules must use only this format: /plugin-folder-name/plugin-script.js, /plugin-folder-name/(.*).js
I don’t understand what I should do. If I change the rules in the box then it won’t reflect the true file path of the Coming Soon Pro plugin. If I change the actual file path of the Coming Soon Pro plugin then presumably that will break the plugin.
What do I need to do to resolve this error?
(Using latest version of WordPress and BPS Pro)
AITpro Admin (Keymaster)
What is being seen as an invalid Plugin Firewall whitelist rule is the word “themes” in the plugin script path. This one whitelist rule using Regular Expressions code is all you need to use to whitelist all of those js scripts for this particular plugin.
You can either do this…
/seedprod-coming-soon-pro/(.*)/default/bootstrap/js/(.*).js
…or this
/seedprod-coming-soon-pro/(.*).js
James Burden (Participant)
Tada! Brilliant. I understand now. Thanks so much.
AITpro Admin (Keymaster)
We decided to get rid of the check for /themes/ altogether since newer code that was already previously created would not allow this type of invalid Plugin Firewall rule to be created in the first place. That still leaves the possibility that someone could manually enter an incorrect path, but since most folks are going to be using the Wizards to automatically set up the Plugin Firewall then the chances are pretty slim that this would happen.
Matt (Participant)
Initially the whitelist textarea was empty, so I ran the cURL scanner which outputted this:
/disqus-popular-threads-widget/js/wp-disqus-pt.js, /wp-page-numbers/default/wp-page-numbers.css" type="text/css" media="screen" /> <script type="text/javascript" src="//www1.moon-ray.com/v2.4/include/formEditor/genjs-v2.php
I adjusted it to
/disqus-popular-threads-widget/js/wp-disqus-pt.js, /wp-page-numbers/default/wp-page-numbers.css
The pre-installation wizard is still failing.
Matt (Participant)
I double-checked what’s outputting in the source code, and reduced it to
/disqus-popular-threads-widget/js/wp-disqus-pt.js
I’m guessing the error is related to the external site .php file that is loading as a script. A rare bug perhaps, I’m guessing I can just run the Setup Wizard now.
AITpro Admin (Keymaster)
The Setup Wizard cURL scanner will do the best it can to strip out any poor coding practices in your website Source Code, i.e. another plugin or theme is doing unconventional or just poor coding methods that mangle the Source Code in an unconventional/non-standard way. The other thing that can be troublesome for the cURL scanner is when a Minifying plugin is used or minification is used in general. In any case, the only thing left to do if the Setup Wizard cURL scanner is not able to remove/strip out the unconventional Source Code/code characters is to manually remove/delete the additional gibberish Source Code characters from the valid plugin scripts that are found by the Setup Wizard cURL scanner.
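The manual clean-up described above can be scripted. The following is an added example, not part of the original thread and not BPS Pro code: it splits pasted whitelist text, cuts each fragment at the first character that cannot belong to a rule, and keeps only entries matching the quoted format. The rule shape, the allowed extensions (`.js` and `.php`, as seen in rules the thread shows being accepted), the `..` rejection and the sample input are assumptions.

```python
import re

# Assumption: rule shape inferred from the format quoted in the thread,
#   /plugin-folder-name/plugin-script.js  or  /plugin-folder-name/(.*).js
# This is not BPS Pro's own validation logic.
SEG = r"(?:[A-Za-z0-9._-]+|\(\.\*\))"
RULE_RE = re.compile(rf"^/[A-Za-z0-9_-]+(?:/{SEG})*/{SEG}\.(?:js|php)$")
# Longest leading run of characters that can belong to a rule.
LEAD_RE = re.compile(r"^(?:[A-Za-z0-9._/-]|\(\.\*\))+")

# Constructed sample modelled on the mangled scanner output in this thread:
# a query string, markup, minified CSS/JS containing commas, a duplicate,
# and one entry with a parent-directory segment.
SAMPLE = (
    "/example-forms/js/forms.js?ver=1.0'>.box{margin:0}.box a, .box a:hover{color:#333}"
    "window.open(u,'w','width=600, height=400'), "
    "/example-forms/js/forms.js?ver=1.0'>.box{margin:0}, "
    "/example-forms/includes/captcha.php, /example-forms/../other/x.js"
)


def clean_whitelist(raw):
    """Return (valid_rules, rejected_fragments) for pasted whitelist text."""
    rules, rejected = [], []
    for fragment in raw.split(","):
        fragment = fragment.strip()
        if not fragment:
            continue
        # Everything after the path (query string, quotes, tags, CSS/JS) is
        # dropped: LEAD_RE stops at the first character outside the rule alphabet.
        lead = LEAD_RE.match(fragment)
        candidate = lead.group(0) if lead else ""
        # Conservative choice for this example: refuse ".." path segments.
        if RULE_RE.match(candidate) and ".." not in candidate:
            if candidate not in rules:  # drop duplicates, keep order
                rules.append(candidate)
        else:
            rejected.append(fragment[:60])  # truncated, for manual review
    return rules, rejected


if __name__ == "__main__":
    good, bad = clean_whitelist(SAMPLE)
    print(", ".join(good))
    print(f"{len(bad)} fragment(s) rejected for manual review")
```

Rejected fragments are returned rather than silently discarded so they can be compared against the page source before the cleaned list is saved.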
AITpro Admin (Keymaster)
Also be sure to check your site by watching this Video Tutorial after running the Wizards.
http://forum.ait-pro.com/video-tutorials/#security-log-firewall
Alex (Participant)
I’m having the same error with the following (I removed license key data, etc.). I’m not a technical expert, but from what I can tell it looks like the plugins involved are Quform, Easy Social Share Buttons and W3TC (NewRelic):
/iphorm-form-builder/js/iphorm.js?ver=1.4.18\'>.essb_fixed{margin:0}.essb_more_popup{z-index:999}.essb_more_popup_content{padding-top:10px;padding-bottom:10px;padding-left:5px;padding-right:5px;margin:0;text-align:center}.essb_more_popup_shadow{position:fixed;_position:absolute;height:100%;width:100%;top:0;left:0;background:rgba(99,99,99,0.3);z-index:998;display:none}.essb_more_popup_button_close{position:absolute;top:5px;right:0}.essb_more_popup_button_close a, .essb_more_popup_button_close a:hover{background:none;background-color:none;border:none;font-weight:bold;text-decoration:none;color:#333;padding-right:5px;margin-top:5px}jQuery(document).ready(function(){jQuery(\'.ktweet .kfooter a:not(.ktogglemedia)\').click(function(e){e.preventDefault();var khref=jQuery(this).attr(\'href\');window.open(khref,\'twitter\',\'width=600, height=400, top=0, left=0\');});});window.NREUM||(NREUM={});NREUM.info={\"beacon\":\"beacon-5.newrelic.com\",\"licenseKey\":\"\",\"applicationID\":\"\",\"transactionName\":\"==\",\"queueTime\":0,\"applicationTime\":,\"atts\":\"=\",\"errorBeacon\":\"bam.nr-data.net\",\"agent\":\"js-agent.newrelic.com/nr-476.min.js, left=0\');});});window.NREUM||(NREUM={});NREUM.info={\"beacon\":\"beacon-5.newrelic.com\",\"licenseKey\":\"\",\"applicationID\":\"\",\"transactionName\":\"==\",\"queueTime\":0,\"applicationTime\":,\"atts\":\"=\",\"errorBeacon\":\"bam.nr-data.net\",\"agent\":\"js-agent.newrelic.com/nr-476.min.js, /iphorm-form-builder/js/iphorm.js?ver=1.4.18\'>.essb_fixed{margin:0}.essb_more_popup{z-index:999}.essb_more_popup_content{padding-top:10px;padding-bottom:10px;padding-left:5px;padding-right:5px;margin:0;text-align:center}.essb_more_popup_shadow{position:fixed;_position:absolute;height:100%;width:100%;top:0;left:0;background:rgba(99,99,99,0.3);z-index:998;display:none}.essb_more_popup_button_close{position:absolute;top:5px;right:0}.essb_more_popup_button_close a, .essb_more_popup_button_close 
a:hover{background:none;background-color:none;border:none;font-weight:bold;text-decoration:none;color:#333;padding-right:5px;margin-top:5px}jQuery(document).ready(function(){jQuery(\'.ktweet .kfooter a:not(.ktogglemedia)\').click(function(e){e.preventDefault();var khref=jQuery(this).attr(\'href\');window.open(khref,\'twitter\',\'width=600, left=0\');});});window.NREUM||(NREUM={});NREUM.info={\"beacon\":\"beacon-5.newrelic.com\",\"licenseKey\":\"\",\"applicationID\":\"\",\"transactionName\":\"==\",\"queueTime\":0,\"applicationTime\":,\"atts\":\"=\",\"errorBeacon\":\"bam.nr-data.net\",\"agent\":\"js-agent.newrelic.com/nr-476.min.js
AITpro Admin (Keymaster)
Excellent, I was waiting for a chance to give the new Plugin Firewall AutoPilot Mode a go at this. The root problem is that your website’s Source Code has been mangled by something. Unfortunately, the Wizard cannot unmangle the damage. So let’s see what the new Plugin Firewall AutoPilot Mode can do with this. Do these steps below:
1. Go to the BPS Security Log page and click the Delete Log button to delete your current Security Log file contents.
2. Go to the Plugin Firewall page.
3. Click the Plugin Firewall BulletProof Mode Deactivate button.
4. Delete (or cut if you want to add your existing whitelist rules back into the Plugins Script|File Whitelist Text Area) all of your Plugin Firewall whitelist rules out of the Plugins Script|File Whitelist Text Area.
5. Click the Save Whitelist Options button.
6. Click the Plugin Firewall Test Mode button.
7. Check your site pages by clicking on all main website pages: contact form page, home page, login page, etc.
8. Recheck the Plugins Script|File Whitelist Text Area (after 1 minute) and you should see new Plugin Firewall whitelist rules have been created.
9. Change the AutoPilot Mode Cron Check Frequency to 15 minutes or whatever frequency time you would like to use.
10. Click the Plugin Firewall Activate button.
Now go to the Plugin Firewall and refresh the page. Do you see all good Plugin Firewall whitelist rules and not that gibberish?
Alex (Participant)
Wow thanks for the lightning quick reply!
Ok I ran all your steps and at first, the whitelist rules box remained empty. Then I re-ran the setup wizard pre-installation check (we just upgraded to Pro from Free), and some gibberish appeared again, but less than half of last time:
/iphorm-form-builder/js/iphorm.js?ver=1.4.18\'>.essb_fixed{margin:0}.essb_more_popup{z-index:999}.essb_more_popup_content{padding-top:10px;padding-bottom:10px;padding-left:5px;padding-right:5px;margin:0;text-align:center}.essb_more_popup_shadow{position:fixed;_position:absolute;height:100%;width:100%;top:0;left:0;background:rgba(99,99,99,0.3);z-index:998;display:none}.essb_more_popup_button_close{position:absolute;top:5px;right:0}.essb_more_popup_button_close a, .essb_more_popup_button_close a:hover{background:none;background-color:none;border:none;font-weight:bold;text-decoration:none;color:#333;padding-right:5px;margin-top:5px}jQuery(document).ready(function(){jQuery(\'.ktweet .kfooter a:not(.ktogglemedia)\').click(function(e){e.preventDefault();var khref=jQuery(this).attr(\'href\');window.open(khref,\'twitter\',\'width=600, height=400, top=0, left=0\');});});window.NREUM||(NREUM={});NREUM.info={\"beacon\":\"beacon-5.newrelic.com\",\"licenseKey\":\"\",\"applicationID\":\"\",\"transactionName\":\"==\",\"queueTime\":0,\"applicationTime\":,\"atts\":\"=\",\"errorBeacon\":\"bam.nr-data.net\",\"agent\":\"js-agent.newrelic.com/nr-476.min.js
AITpro Admin (Keymaster)
Do these steps:
Go to the Setup Wizard and set this option setting to Off: cURL Scan Option: Turn On/Off cURL Scan and click the Save Options button.
Note: This means that the Setup Wizard will not scan your website for Plugin Firewall whitelist rules. Since your Source Code is being mangled by something you have installed on your website then this cannot be fixed by the Setup Wizard automatically. The Setup Wizard is pretty amazing, but it cannot unscramble whatever is mangling your website’s Source Code so you want to let Plugin Firewall AutoPilot Mode handle creating Plugin Firewall whitelist rules automatically in real-time.
1. Go to the BPS Security Log page and click the Delete Log button to delete your current Security Log file contents.
2. Go to the Plugin Firewall page.
3. Click the Plugin Firewall BulletProof Mode Deactivate button.
4. Delete (or cut if you want to add your existing whitelist rules back into the Plugins Script|File Whitelist Text Area) all of your Plugin Firewall whitelist rules out of the Plugins Script|File Whitelist Text Area.
5. Click the Save Whitelist Options button.
6. Click the Plugin Firewall Test Mode button.
7. Check your site pages by clicking on all main website pages: contact form page, home page, login page, etc.
8. Recheck the Plugins Script|File Whitelist Text Area (after 1 minute) and you should see new Plugin Firewall whitelist rules have been created.
9. Change the AutoPilot Mode Cron Check Frequency to 15 minutes or whatever frequency time you would like to use.
10. Click the Plugin Firewall Activate button.
Now go to the Plugin Firewall and refresh the page. Do you see all good Plugin Firewall whitelist rules and not that gibberish?
Alex (Participant)
Again, thanks for the super quick reply. Followed your latest steps and the gibberish disappeared! Now there’s just:
/tinymce-spellcheck/js/atd.core.js, /iphorm-form-builder/includes/captcha.php
Also re-ran the pre-install wizard and everything checked out 🙂 Thanks so much for your help!
I should add that setup completed without any errors. Thanks for creating this fantastic plug! We specialize in affiliate marketing so we’ll be sure to sign up and send you some high quality leads.
AITpro Admin (Keymaster)
AWESOME!!! I spent weeks bashing and trashing the new Plugin Firewall AutoPilot Mode feature in every possible way and scenario I could think of to break it and make it malfunction or exploit it, which of course led to adding new code to AutoPilot Mode to prevent however I broke it or exploited it in testing. That is just par for the course for any feature (in any plugin) that has the critical responsibility that this new BPS Pro feature has. It must be 100% accurate – there is no room for error – 99.99% is not good enough – it must be perfect for what it is responsible for doing.
Thank you for confirming that AutoPilot Mode does its job as it was intended to do. And for anyone else who suffered through all the predecessor tools of AutoPilot Mode – my sincere apologies. I just did not think it was possible to create this without creating an exploit in BPS Pro, but I had just not thought of “the” new concept yet. 😉
Thanks for being patient and jumping through the hoops.
And I want to thank J and S for their awesome ideas for AutoPilot Mode.
–Ed
AITpro Admin (Keymaster)
I recommend setting AutoPilot Mode Cron Check Frequency to 15 minutes if this site is still in early development stages where new plugins are going to be added or removed or the site will always be in flux. If the site is established then typically plugins will not be added or removed on a regular basis and then I would recommend either turning AutoPilot Mode On or Off as needed or possibly doing a 30 minute interval on the Cron Check.
Thanks again
–Ed