Home › Forums › BulletProof Security Pro › Stats plugin – admin @ 2x.php file, @2x images, Retina, Responsive
Tagged: @2x images, admin@2x.php, Responsive, Retina, Stats plugin
- This topic has 43 replies, 6 voices, and was last updated 8 years, 3 months ago by AITpro Admin.
-
AuthorPosts
-
Paulin HalenriaParticipant
Hello
I’m not 100% sure, but it seems I got errors on a website with the display of stats in the admin bar
REQUEST_METHOD: GET HTTP_REFERER: http://lasolutionestenvous.com/ REQUEST_URI: /wp-admin/admin@2x.php?page=stats&noheader&proxy&chart=admin-bar-hours-scale-2x QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/536.30.1 (KHTML, like Gecko) Version/6.0.5 Safari/536.30.1
As far I found on Google, it seems linked to the little stats icon in the admin bar…
As I’m not sure, I don’t know which info could be useful to find help…
PH
AITpro AdminKeymasterUPDATE: The solution is here: http://forum.ait-pro.com/forums/topic/problem-maybe-with-displaying-stats-in-admin-bar/page/3/#post-26494
Based on the error it appears that you would need to whitelist this file in your wp-admin .htaccess file.
1. Copy this code below to this BPS Custom Code text box:
2. Click the Save wp-admin Custom Code button.
3. Go to the BPS Security Modes page and click the wp-admin BulletProof Mode Activate button.# admin @ 2x.php skip/bypass rule RewriteCond %{REQUEST_URI} (admin@2x\.php) [NC] RewriteRule . - [S=2]
AITpro AdminKeymasterIs this the JetPack Stats plugin? This URI looks very odd to me…
/wp-admin/admin@2x.php?page=stats&noheader&proxy&chart=admin-bar-hours-scale-2x
…I did some Google searches and I see this URI for the JetPack Stats plugin instead…
/wp-admin/admin.php?page=stats&noheader&proxy&chart=admin-bar-hours-scale-2x
I have seen @2x used with Image files, but have never see this used with a php file and especially not a WP Core file.
AITpro AdminKeymasterEmail Question:
Good Evening,
I have been running all my plugins on the test site. When I am viewing the site from my IPOD (just viewing, not logging in) I get security message like this. On all my photo’s. Bear in mind I am not logged into admin. I am not having any difficulty viewing the site from my mobile device, but the event code says I am blocked, although I don’t know from what. I have never logged into the site from mobile so it doesn’t know who I am. I have everything on in BPS except the Anti-spam. This site isn’t indexed in google.Dave
[403 GET / HEAD Request: April 5, 2014 2:48 am] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 70.215.133.73 Host Name: 73.sub-70-215-133.myvzw.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http://youneedthissite.com/site1/outdoor-kitchens/ REQUEST_URI: /site1/wp-content/uploads/2014/03/734149_326731797432920_1870835995_n-820x450@2x.jpg QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (iPod touch; CPU iPhone OS 7_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D167 Safari/9537.53
AITpro AdminKeymasterUPDATE: The solution is here: http://forum.ait-pro.com/forums/topic/problem-maybe-with-displaying-stats-in-admin-bar/page/3/#post-26494
@2x images are used in Responsive website design and specifically by Retina, which automatically resize images based on pixel density (pixels per inch/PPI) for devices.
Retina Info: http://en.wikipedia.org/wiki/Retina_Display
…When an Apple product has a Retina Display, each user interface widget is doubled in width and height to compensate for the smaller pixels. Apple calls this mode HiDPI mode. Apple has applied to register the term “Retina” as a trademark in regard to computers and mobile devices…
What I assume is happening is that the Retina script on your device is doing several different things and one of those things is being blocked by BPS. Since the images display correctly when viewing the site from a desktop interface and from a mobile device you can disregard these Security Log entries.
David GParticipantWhat I assume is happening is that the Retina script on your device is doing several different things and one of those things is being blocked by BPS. Since the images display correctly when viewing the site from a desktop interface and from a mobile device you can disregard these Security Log entries.
Is there any way to filter out these particular log entries? I tried entering in the code mentioned above regarding 2x – skip/bypass rule, but did not change anything, or is that for something else and I am not understanding?
AITpro AdminKeymasterUPDATE: The solution is here: http://forum.ait-pro.com/forums/topic/problem-maybe-with-displaying-stats-in-admin-bar/page/3/#post-26494
You do not need to do anything – just ignore those log entries. BPS log files are automatically zipped and emailed to you. The BPS Security Log is just like a Server log. It logs information for troubleshooting, diagnostics and just general stuff. Log files are log files so unless you are troubleshooting something in particular then log entries are just log entries and nothing more needs to be done with, to or about them.
The Security Log alerts can be turned On or Off on the S-Monitor page so if the real question is “how to not be alerted about this” then the answer is to turn of Security Log alerts.
AITpro AdminKeymasterThe Security Log alerts can be turned On or Off on the S-Monitor page so if the real question is “how to not be alerted about this” then the answer is to turn of Security Log alerts.
David GParticipantI don’t want to turn off the logs, especially when testing the site. Can I use “Add User Agents/Bots to Ignore/Not Log to filter out these entries? In the last line of the error message it shows the quoted message below. If so what part of that do I add?
HTTP_USER_AGENT: Mozilla/5.0 (iPod touch; CPU iPhone OS 7_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D167 Safari/9537.53
AITpro AdminKeymasterSure if that is what you want to do. Just remember to remove that ignore rule after you are done. You can use any part of the User Agent string that is unique. Probably iPod touch is fine to use.
David GParticipantI used
iPod touch; CPU iPhone OS 7_1 like Mac OS X
and that worked. Not getting error messages now.
Thanks
AITpro AdminKeymasterUPDATE: The solution is here: http://forum.ait-pro.com/forums/topic/problem-maybe-with-displaying-stats-in-admin-bar/page/3/#post-26494
Ok, but “Not getting error messages now.” is not the correct terminology. We are trying to correct the impression that Security Log entries are “errors”. The Security Log is a troubleshooting, diagnostic tool and it also logs blocked hackers, spammers, etc. I just want to reemphasize so that anyone viewing this Forum Topic will understand that the Security Log creates log entries based on HTTP Response Status Codes. Log entries are not “errors” in the sense that something is wrong. Log entries log events that occur. Those events can be several different things, but 99.99% of all log entries are blocked hackers, spammers, scrapers, bad bots, etc.
If we chose to add log events for HTTP Status Response 200 codes then the BPS Security Log would be identical to your Apache Server log that logs all Requests that are made to a website. That would be completely unnecessary and a waste of resources since your Apache Server is already logging these Requests/events. The Security Log only logs 403 HTTP Status Response Codes because that is all that we want to be looking at.
impartParticipant[Topic merged into this relevant Topic]
Hi,I am using the WP Retina 2x plugin and everytime I call my website from my retina pad I get the following entries in my security log, this is when it wants to load my logos. Why is that? Thanks for your help!
[403 GET|HEAD Request: 14. November 2015 - 20:14] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 178.162.xxx.xx Host Name: hosted-by.leaseweb.com SERVER_PROTOCOL: HTTP/1.0 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 178.162.xxx.xx HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http://impure-art.com/ REQUEST_URI: /wp-content/uploads/2015/09/impure-logo@2x@2x.png QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Android 5.0.2; Tablet; rv:42.0) Gecko/42.0 Firefox/42.0 [403 GET|HEAD Request: 14. November 2015 - 20:14] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 178.162.xxx.xx Host Name: hosted-by.leaseweb.com SERVER_PROTOCOL: HTTP/1.0 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 178.162.xxx.xx HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http://impure-art.com/ REQUEST_URI: /wp-content/uploads/2015/09/impure-logo-trans@2x@2x.png QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Android 5.0.2; Tablet; rv:42.0) Gecko/42.0 Firefox/42.0
AITpro AdminKeymasterUPDATE: The solution is here: http://forum.ait-pro.com/forums/topic/problem-maybe-with-displaying-stats-in-admin-bar/page/3/#post-26494
Since you have a Proxy then add the IP address that you see in the REMOTE_ADDR Security Log entry field by doing the steps below. This may or may not affect/fix the Retina 2x image file Security Log logging issue. If you are still seeing the Security Log entries for Retina 2x image files then you can consider them nuisance errors and just ignore them since the Retina 2x image files are retrievable and are not actually being blocked.
Note: I checked your site with the Google Chome Developer Tools Mobile Device emulator using Apple iPad (emulate Touch Screen) and adjusted Pixel Ratio and your Logo displayed fine at all resolutions tested.
1. Add the IP Address that you see in the REMOTE_ADDR Security Log entry field in the Plugin Firewall Additional Whitelist Tools > Whitelist by Hostname (domain name) and IP Address tool.
2. Click the Save Whitelist Options button.
3. Click the Plugin Firewall BulletProof Mode Activate button.impartParticipantThanks for your quick reply!!
Regarding your note, yes I can see your tryouts in my security log because I have these entries with the same (your) IP about 10 times now. So this means I can ignore the message, right? Because it doesn’t make sense to whitelist my IP if I also get the messages from your IP. Problem I see : If this happens everytime a retina image is called in the future when the website is finished the log will be full of these messages and I will never have a look at the log again searching for a real attack between all these messages…
[Security Log entry deleted]
-
AuthorPosts
- You must be logged in to reply to this topic.