Plugin Firewall – Read Me First Troubleshooting

Home Forums BulletProof Security Pro Plugin Firewall – Read Me First Troubleshooting

This topic contains 63 replies, has 17 voices, and was last updated by  AITpro Admin 1 year, 2 months ago.

Viewing 15 posts - 16 through 30 (of 64 total)
  • Author
    Posts
  • #25892

    Living Miracles
    Participant

    Thank you!

    So we generally have two people logged into the same user (Admin) at the same time, from different IP addresses – does whitelisting the Admin role in the Additional Roles IP Whitelist tool take that into consideration? Meaning, do both IP addressed get whitelisted at the same time or will they be competing?

    #25893

    AITpro Admin
    Keymaster

    If you have multiple users logging into a website at the same time then yes you would want to use the Additional Roles IP Whitelist option.  Things will still work fine if you do not do that, but it is just smarter to use that option.

    #26264

    Stefan
    Participant

    [Topic has been merged into this relevant Topic]
    I did get entries from my own server in the Security Log. This is an example: How can i fix it?

    [403 GET|HEAD Request: 12. November 2015 - 19:57]
    Event Code: PFWR-PSBR-HPR
    Solution: http://forum.ait-pro.com/forums/topic/security-log-event-codes/
    REMOTE_ADDR: xxx.xxx.xxx
    Host Name: xxxx
    SERVER_PROTOCOL: HTTP/1.0
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR: xxxxxxxxx
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER: https://www.xxxx/wp-admin/admin.php?page=bulletproof-security/admin/security-log/security-log.php
    REQUEST_URI: /wp-content/plugins/bulletproof-security/admin/js/bps-ui-tabs.js?ver=4.3.1
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0
    #26268

    AITpro Admin
    Keymaster

    Do the steps below.

    Fix all general Plugin Firewall issues/problems:
    1. Go to the BPS Security Log page and click the Delete Log button to delete your current Security Log file contents.
    2. Go to the Plugin Firewall page.
    3. Click the Plugin Firewall BulletProof Mode Deactivate button.
    4. Delete (or cut if you want to add your existing whitelist rules back into the Plugins Script|File Whitelist Text Area) all of your Plugin Firewall whitelist rules out of the Plugins Script|File Whitelist Text Area.
    5. Click the Save Whitelist Options button.
    6. Click the Plugin Firewall Test Mode button.
    7. Check your site pages by clicking on all main website pages: contact form page, home page, login page, etc.
    8. Recheck the Plugins Script|File Whitelist Text Area (after 1 minute) and you should see new Plugin Firewall whitelist rules have been created.
    9. Change the AutoPilot Mode Cron Check Frequency to 15 minutes or whatever frequency time you would like to use.
    10. Click the Plugin Firewall Activate button.

    Fix all general Plugin Firewall issues/problems and Proxy server configuration mistakes:
    Additional steps to fix both general Plugin Firewall issues/problems and to compensate for an additional Proxy server configuration mistake (whitelist the Proxy IP Address). Note: This only applies to Proxy server issues/problems. Use the steps above unless specifically instructed to use these steps below to fix/whitelist a Proxy server IP address problem.

    1. Go to the BPS Security Log page and click the Delete Log button to delete your current Security Log file contents.
    2. Go to the Plugin Firewall page.
    3. Click the Plugin Firewall Additional Whitelist Tools accordion tab.
    4. Enter Proxy server IP address: xxx.xxx.xxx.xxx in the Whitelist by Hostname (domain name) and IP Address text box.
    5. Click the Save Hostname and IP Address Rules button.
    6. Click the Plugin Firewall BulletProof Mode Deactivate button.
    7. Delete (or cut if you want to add your existing whitelist rules back into the Plugins Script|File Whitelist Text Area) all of your Plugin Firewall whitelist rules out of the Plugins Script|File Whitelist Text Area.
    8. Click the Save Whitelist Options button.
    9. Click the Plugin Firewall Test Mode button.
    10. Check your site pages by clicking on all main website pages: contact form page, home page, login page, etc.
    11. Recheck the Plugins Script|File Whitelist Text Area (after 1 minute) and you should see new Plugin Firewall whitelist rules have been created.
    12. Change the AutoPilot Mode Cron Check Frequency to 15 minutes or whatever frequency time you would like to use.
    13. Click the Plugin Firewall Activate button.

    #27968

    AW
    Participant

    Hi BPS,
    I tried on the guide as above, but I could not create a whitelist. Could you direct me to a a guide page whereby on how to create a whitelist? I manage to did that few days ago, but seems like i cant find the guide. In my Security Log, it preview data as below. For your info, the WPTUBEVIDEO is a plugin that I installed, please guide on how to resolve the issue.

    [403 GET Request: January 28, 2016 12:30 pm]
    Event Code: PFWR-PSBR-HPR
    Solution: http://forum.ait-pro.com/forums/topic/security-log-event-codes/
    REMOTE_ADDR: 183.171.17.171
    Host Name: 183.171.17.171
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER: http://raptorsvape.com/
    REQUEST_URI: /wp-content/plugins/wptubevideo/js/my_script.js?ver=4.4.1
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/5.0 (Linux; Android 4.4.2; GT-N7100 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.83 Mobile Safari/537.36

    Thanks and sorry for the hassle.
    Regards,
    Alex

    #27970

    AITpro Admin
    Keymaster

    When I check your site and check this js file:  /wp-content/plugins/wptubevideo/js/my_script.js it is not being blocked by BPS or anything else.  When I check your YouTube videos here:  http://raptorsvape.com/blog/ the are playing normally.  Maybe Plugin Firewall AutoPilot Mode already created a whitelist rule for this script?  AutoPilot Mode whitelist rules are created on the next scheduled AutoPilot Mode Cron Job run.  ie every x minutes.

    #27975

    AW
    Participant

    Hi BPS,
    Yes it was not block, I though the info that be shown via Security Log is something that need to be solve. By the way, there’s one function that may not functioning. CAPCHA by BPS
    If you register as a NEW MEMBER, the CAPTCHA is a must to enter.
    However, when you “log out” > “clear cache” and try to relogin via ” http://raptorsvape.com/login/ ”
    You do not need to enter the BPS CapTCHA but still can LOGIN after you had inserted your username and password
    I checked the Login Security in BPS is Turn ON. The JTC Anti-Spam Hacker Anti-Hacker is ON as well and was checked on Login Form, Register Form and Comment Form.  > Subscriber was checked as well.

    Please advice on the issue.
    Thanks.
    Regards,
    Alex

    #27977

    AITpro Admin
    Keymaster

    Sounds like a problem with your Theme ClassiPress.  Maybe it is taking over login processing or cancelling out JTC?  Try switching your Theme to the WordPress 2016 theme and see if the same problem occurs.  Also WP Fastest Cache file is caching your login page.  Login pages and forms should never be cached for any reason.  So exclude the custom /login/page from being cached by WP Fastest Cache.

    #27982

    AW
    Participant

    Hi BPS,
    Okay I will check out the WP Cache. In the Classic Press itself it does have a reCaptcha function as well, but i did not activate it cause i am using BPS 🙂
    By the way…new error about PFW. There’s an error come out as below :-
    Activate Plugin Firewall (PFW) BulletProof Mode button Read M
    Error: Your Whitelist rules either have additional/extra whitespaces between whitelist rules, line breaks/new lines between or after your whitelist rules or no space after the comma between your plugin scripts/paths/rules. Click on the Plugin Firewall Whitelist Tools accordion tab and click the Save Whitelist Options button to see if this automatically fixes the problem. If the error is still occurring then correct/fix any invalid plugin whitelist rules in the Plugins Script|File Whitelist Text Area. Edit your Whitelist rules to correct the error and click the Save Whitelist Options button and activate the Plugin Firewall again. Valid plugin Whitelist rules MUST use ONLY this Format: /plugin-folder-name/plugin-script.js, /plugin-folder-name/(.*).js. Plugin paths/scripts are separated by a comma and a single space. Your whitelist rules should be one continuous single line of scripts/paths/rules without any line breaks/new lines.

    In the File Whitelist Text Area does only contain the text below: /backupbuddy/pluginbuddy/js/admin.js What should I do ? PFW is off now.
    Looking forward for your help.
    Regards,
    Alex

    #27984

    AITpro Admin
    Keymaster
    #28872

    Andrew
    Participant

    [Topic has been merged into this relevant Topic]
    I have turned-on the JTC protection on my website.  Do I also have to edit my .htaccess file to block IP addresses that are repeatedly trying to login to my site, or is enabling JTC sufficient?  Thank you.

    #28879

    AITpro Admin
    Keymaster

    @ Andrew – JTC blocks 100% of all automated login attempts/attacks by hackerbots and spambots.  99.99% of all login attempts/attacks are automated using Bots.  Your Security Log logs all blocked hackerbots and spambots.  So nope you should not have to add any other Login security measures for your website.

    #30872

    AW
    Participant

    [Topic has been merged into this relevant Topic]
    Hello BPS,
    Thanks for the hard work!
    I encounter some issue in whitelist plugin which I need your guide on how to correct it.
    Error Message:-
    Error: One or more of your Whitelist rules are not valid
    Click on the Plugin Firewall Whitelist Tools accordion tab and correct/fix any invalid plugin whitelist rules in the Plugins Script|File Whitelist Text Area.
    Edit your Whitelist rules and correct whitelist rules that contain any of these invalid things:
    ver=, page=, src=, www, http, https, href, .com, .net, .org, .biz, .info, .gov, .edu and
    click the Save Whitelist Options button and activate the Plugin Firewall again.
    Valid plugin Whitelist rules MUST use ONLY this Format: /plugin-folder-name/plugin-script.js, /plugin-folder-name/(.*).js. Plugin paths/scripts are separated by a comma and a single space.
    And my plugin script:-

    /akismet/_inc/form.js, /jetpack/modules/wpgroho.js, /contact-form-7/includes/js/jquery.form.min.js, /jetpack/modules/photon/photon.js, /contact-form-7/includes/js/scripts.js, /mts-wp-google-translate/public/js/wp-google-translate-public.js, /wp-fastest-cache/js/schedule.js, /wp-fastest-cache/js/toolbar.js, /jetpack/modules/related-posts/related-posts.js, /better-analytics/js/loader.php?ver=1.1.4.js, /bbpress/templates/default/js/editor.min.js, /jetpack/modules/sharedaddy/sharing.js, /wp-random-button/js/functions.js

    Please guide me on which script that cause the problem and need to change.
    Regards,
    Alex

    #30879

    AITpro Admin
    Keymaster

    @ AW – remove “?ver=1.1.4.js” from this Plugin Firewall rule and click the save/Activate button again:  /better-analytics/js/loader.php?ver=1.1.4.js

    #30927

    Max
    Participant

    [Topic has been merged into this relevant Topic]
    I didn’t want to Hijack your other thread so I post my problem here. The BPS GUI is broken on my Site. I disable all plugins and switch to any standard WP twenty-X themes, the GUI is still broken. Disabling the Plugin Firewall instantly resolves the problem.

    As all plugins were disabled (but BPS) and a standard theme was chosen, I had no more ideas.

    I am getting a lot of REQUEST_URI: /wp-content/plugins/bulletproof-security/admin/js/bps-ui-dialog.js?ver=12.3 Errors though. Feel free to further investigate my site, it’s development/testing only.

Viewing 15 posts - 16 through 30 (of 64 total)

You must be logged in to reply to this topic.