Stats plugin – admin @ 2x.php file, @2x images, Retina, Responsive

Home Forums BulletProof Security Pro Stats plugin – admin @ 2x.php file, @2x images, Retina, Responsive

Viewing 15 posts - 1 through 15 (of 44 total)
  • Author
    Posts
  • #10542
    Paulin Halenria
    Participant

    Hello

    I’m not 100% sure, but it seems I got errors on a website with the display of stats in the admin bar

    REQUEST_METHOD: GET
    HTTP_REFERER: http://lasolutionestenvous.com/
    REQUEST_URI: /wp-admin/admin@2x.php?page=stats&noheader&proxy&chart=admin-bar-hours-scale-2x
    QUERY_STRING: 
    HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/536.30.1 (KHTML, like Gecko) Version/6.0.5 Safari/536.30.1

    As far I found on Google, it seems linked to the little stats icon in the admin bar…

    As I’m not sure, I don’t know which info could be useful to find help…

    PH

    #10543
    AITpro Admin
    Keymaster

    UPDATE: The solution is here: http://forum.ait-pro.com/forums/topic/problem-maybe-with-displaying-stats-in-admin-bar/page/3/#post-26494

    Based on the error it appears that you would need to whitelist this file in your wp-admin .htaccess file.

    1.  Copy this code below to this BPS Custom Code text box:   
    2.  Click the Save wp-admin Custom Code button.
    3.  Go to the BPS Security Modes page and click the wp-admin BulletProof Mode Activate button.

    # admin @ 2x.php skip/bypass rule
    RewriteCond %{REQUEST_URI} (admin@2x\.php) [NC]
    RewriteRule . - [S=2]
    #10547
    AITpro Admin
    Keymaster

    Is this the JetPack Stats plugin?  This URI looks very odd to me…

    /wp-admin/admin@2x.php?page=stats&noheader&proxy&chart=admin-bar-hours-scale-2x

    …I did some Google searches and I see this URI for the JetPack Stats plugin instead…

    /wp-admin/admin.php?page=stats&noheader&proxy&chart=admin-bar-hours-scale-2x

    I have seen @2x used with Image files, but have never see this used with a php file and especially not a WP Core file.

    #14606
    AITpro Admin
    Keymaster

    Email Question:

    Good Evening,
    I have been running all my plugins on the test site. When I am viewing the site from my IPOD (just viewing, not logging in) I get security message like this. On all my photo’s. Bear in mind I am not logged into admin. I am not having any difficulty viewing the site from my mobile device, but the event code says I am blocked, although I don’t know from what. I have never logged into the site from mobile so it doesn’t know who I am. I have everything on in BPS except the Anti-spam. This site isn’t indexed in google.

    Dave

    [403 GET / HEAD Request: April 5, 2014 2:48 am]
    Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
    Solution: N/A - Hacker/Spammer Blocked/Forbidden
    REMOTE_ADDR: 70.215.133.73
    Host Name: 73.sub-70-215-133.myvzw.com
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER: http://youneedthissite.com/site1/outdoor-kitchens/
    REQUEST_URI: /site1/wp-content/uploads/2014/03/734149_326731797432920_1870835995_n-820x450@2x.jpg
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/5.0 (iPod touch; CPU iPhone OS 7_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D167 Safari/9537.53
    #14607
    AITpro Admin
    Keymaster

    UPDATE: The solution is here: http://forum.ait-pro.com/forums/topic/problem-maybe-with-displaying-stats-in-admin-bar/page/3/#post-26494

    @2x images are used in Responsive website design and specifically by Retina, which automatically resize images based on pixel density (pixels per inch/PPI) for devices.

    Retina Info:  http://en.wikipedia.org/wiki/Retina_Display

    …When an Apple product has a Retina Display, each user interface widget is doubled in width and height to compensate for the smaller pixels. Apple calls this mode HiDPI mode. Apple has applied to register the term “Retina” as a trademark in regard to computers and mobile devices…

    What I assume is happening is that the Retina script on your device is doing several different things and one of those things is being blocked by BPS.  Since the images display correctly when viewing the site from a desktop interface and from a mobile device you can disregard these Security Log entries.

    #14609
    David G
    Participant

    What I assume is happening is that the Retina script on your device is doing several different things and one of those things is being blocked by BPS.  Since the images display correctly when viewing the site from a desktop interface and from a mobile device you can disregard these Security Log entries.

    Is there any way to filter out these particular log entries? I tried entering in the code mentioned above regarding 2x – skip/bypass rule, but did not change anything, or is that for something else and I am not understanding?

     

    #14610
    AITpro Admin
    Keymaster

    UPDATE: The solution is here: http://forum.ait-pro.com/forums/topic/problem-maybe-with-displaying-stats-in-admin-bar/page/3/#post-26494

    You do not need to do anything – just ignore those log entries.  BPS log files are automatically zipped and emailed to you.  The BPS Security Log is just like a Server log.  It logs information for troubleshooting, diagnostics and just general stuff.  Log files are log files so unless you are troubleshooting something in particular then log entries are just log entries and nothing more needs to be done with, to or about them.

    The Security Log alerts can be turned On or Off on the S-Monitor page so if the real question is “how to not be alerted about this” then the answer is to turn of Security Log alerts.

    #14612
    AITpro Admin
    Keymaster

    The Security Log alerts can be turned On or Off on the S-Monitor page so if the real question is “how to not be alerted about this” then the answer is to turn of Security Log alerts.

    #14613
    David G
    Participant

    I don’t want to turn off the logs, especially when testing the site. Can I use “Add User Agents/Bots to Ignore/Not Log to filter out these entries? In the last line of the error message it shows the quoted message below. If so what part of that do I add?

    HTTP_USER_AGENT: Mozilla/5.0 (iPod touch; CPU iPhone OS 7_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D167 Safari/9537.53
    #14615
    AITpro Admin
    Keymaster

    Sure if that is what you want to do.  Just remember to remove that ignore rule after you are done.  You can use any part of the User Agent string that is unique.  Probably iPod touch is fine to use.

    #14620
    David G
    Participant

    I used

    iPod touch; CPU iPhone OS 7_1 like Mac OS X

    and that worked. Not getting error messages now.

    Thanks

     

    #14621
    AITpro Admin
    Keymaster

    UPDATE: The solution is here: http://forum.ait-pro.com/forums/topic/problem-maybe-with-displaying-stats-in-admin-bar/page/3/#post-26494

    Ok, but “Not getting error messages now.” is not the correct terminology.  We are trying to correct the impression that Security Log entries are “errors”.  The Security Log is a troubleshooting, diagnostic tool and it also logs blocked hackers, spammers, etc.  I just want to reemphasize so that anyone viewing this Forum Topic will understand that the Security Log creates log entries based on HTTP Response Status Codes.  Log entries are not “errors” in the sense that something is wrong.  Log entries log events that occur.  Those events can be several different things, but 99.99% of all log entries are blocked hackers, spammers, scrapers, bad bots, etc.

    If we chose to add log events for HTTP Status Response 200 codes then the BPS Security Log would be identical to your Apache Server log that logs all Requests that are made to a website.  That would be completely unnecessary and a waste of resources since your Apache Server is already logging these Requests/events.  The Security Log only logs 403 HTTP Status Response Codes because that is all that we want to be looking at.

    #26317
    impart
    Participant

    [Topic merged into this relevant Topic]
    Hi,

    I am using the WP Retina 2x plugin and everytime I call my website from my retina pad I get the following entries in my security log, this is when it wants to load my logos. Why is that? Thanks for your help!

    [403 GET|HEAD Request: 14. November 2015 - 20:14]
    Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
    Solution: N/A - Hacker/Spammer Blocked/Forbidden
    REMOTE_ADDR: 178.162.xxx.xx
    Host Name: hosted-by.leaseweb.com
    SERVER_PROTOCOL: HTTP/1.0
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR: 178.162.xxx.xx
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER: http://impure-art.com/
    REQUEST_URI: /wp-content/uploads/2015/09/impure-logo@2x@2x.png
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/5.0 (Android 5.0.2; Tablet; rv:42.0) Gecko/42.0 Firefox/42.0
    
    [403 GET|HEAD Request: 14. November 2015 - 20:14]
    Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
    Solution: N/A - Hacker/Spammer Blocked/Forbidden
    REMOTE_ADDR: 178.162.xxx.xx
    Host Name: hosted-by.leaseweb.com
    SERVER_PROTOCOL: HTTP/1.0
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR: 178.162.xxx.xx
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER: http://impure-art.com/
    REQUEST_URI: /wp-content/uploads/2015/09/impure-logo-trans@2x@2x.png
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/5.0 (Android 5.0.2; Tablet; rv:42.0) Gecko/42.0 Firefox/42.0
    #26335
    AITpro Admin
    Keymaster

    UPDATE: The solution is here: http://forum.ait-pro.com/forums/topic/problem-maybe-with-displaying-stats-in-admin-bar/page/3/#post-26494

    Since you have a Proxy then add the IP address that you see in the REMOTE_ADDR Security Log entry field by doing the steps below.  This may or may not affect/fix the Retina 2x image file Security Log logging issue.  If you are still seeing the Security Log entries for Retina 2x image files then you can consider them nuisance errors and just ignore them since the Retina 2x image files are retrievable and are not actually being blocked.

    Note:  I checked your site with the Google Chome Developer Tools Mobile Device emulator using Apple iPad (emulate Touch Screen) and adjusted Pixel Ratio and your Logo displayed fine at all resolutions tested.

    1. Add the IP Address that you see in the REMOTE_ADDR Security Log entry field in the Plugin Firewall Additional Whitelist Tools > Whitelist by Hostname (domain name) and IP Address tool.
    2. Click the Save Whitelist Options button.
    3. Click the Plugin Firewall BulletProof Mode Activate button.

    #26339
    impart
    Participant

    Thanks for your quick reply!!

    Regarding your note, yes I can see your tryouts in my security log because I have these entries with the same (your) IP about 10 times now.  So this means I can ignore the message, right? Because it doesn’t make sense to whitelist my IP if I also get the messages from your IP. Problem I see : If this happens everytime a retina image is called in the future when the website is finished the log will be full of these messages and I will never have a look at the log again searching for a real attack between all these messages…

    [Security Log entry deleted]

Viewing 15 posts - 1 through 15 (of 44 total)
  • You must be logged in to reply to this topic.