Topic: Stats plugin – admin @ 2x.php file, @2x images, Retina, Responsive

Stats plugin – admin @ 2x.php file, @2x images, Retina, Responsive

Tagged: @2x images, admin@2x.php, Responsive, Retina, Stats plugin

This topic has 43 replies, 6 voices, and was last updated 7 years, 8 months ago by AITpro Admin.

Viewing 15 posts - 1 through 15 (of 44 total)

1 2 3 →

Author

Posts
October 14, 2013 at 12:52 pm #10542
Paulin Halenria
Participant
Hello

I’m not 100% sure, but it seems I got errors on a website with the display of stats in the admin bar
```
REQUEST_METHOD: GET
HTTP_REFERER: http://lasolutionestenvous.com/
REQUEST_URI: /wp-admin/admin@2x.php?page=stats&noheader&proxy&chart=admin-bar-hours-scale-2x
QUERY_STRING: 
HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/536.30.1 (KHTML, like Gecko) Version/6.0.5 Safari/536.30.1
```
As far I found on Google, it seems linked to the little stats icon in the admin bar…

As I’m not sure, I don’t know which info could be useful to find help…

PH
October 14, 2013 at 1:05 pm #10543
AITpro Admin
Keymaster
UPDATE: The solution is here: http://forum.ait-pro.com/forums/topic/problem-maybe-with-displaying-stats-in-admin-bar/page/3/#post-26494

Based on the error it appears that you would need to whitelist this file in your wp-admin .htaccess file.

1. Copy this code below to this BPS Custom Code text box: CUSTOM CODE WPADMIN PLUGIN FIXES: Add ONLY WPADMIN personal plugin fixes code here
2. Click the Save wp-admin Custom Code button.
3. Go to the BPS Security Modes page and click the wp-admin BulletProof Mode Activate button.
```
# admin @ 2x.php skip/bypass rule
RewriteCond %{REQUEST_URI} (admin@2x\.php) [NC]
RewriteRule . - [S=2]
```
October 14, 2013 at 3:16 pm #10547
AITpro Admin
Keymaster
Is this the JetPack Stats plugin? This URI looks very odd to me…
```
/wp-admin/admin@2x.php?page=stats&noheader&proxy&chart=admin-bar-hours-scale-2x
```
…I did some Google searches and I see this URI for the JetPack Stats plugin instead…
```
/wp-admin/admin.php?page=stats&noheader&proxy&chart=admin-bar-hours-scale-2x
```
I have seen @2x used with Image files, but have never see this used with a php file and especially not a WP Core file.
April 5, 2014 at 8:13 am #14606
AITpro Admin
Keymaster
Email Question:

Good Evening,
I have been running all my plugins on the test site. When I am viewing the site from my IPOD (just viewing, not logging in) I get security message like this. On all my photo’s. Bear in mind I am not logged into admin. I am not having any difficulty viewing the site from my mobile device, but the event code says I am blocked, although I don’t know from what. I have never logged into the site from mobile so it doesn’t know who I am. I have everything on in BPS except the Anti-spam. This site isn’t indexed in google.

Dave
```
[403 GET / HEAD Request: April 5, 2014 2:48 am]
Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
Solution: N/A - Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 70.215.133.73
Host Name: 73.sub-70-215-133.myvzw.com
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: http://youneedthissite.com/site1/outdoor-kitchens/
REQUEST_URI: /site1/wp-content/uploads/2014/03/734149_326731797432920_1870835995_n-820x450@2x.jpg
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (iPod touch; CPU iPhone OS 7_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D167 Safari/9537.53
```
April 5, 2014 at 8:38 am #14607
AITpro Admin
Keymaster

UPDATE: The solution is here: http://forum.ait-pro.com/forums/topic/problem-maybe-with-displaying-stats-in-admin-bar/page/3/#post-26494

@2x images are used in Responsive website design and specifically by Retina, which automatically resize images based on pixel density (pixels per inch/PPI) for devices.

Retina Info: http://en.wikipedia.org/wiki/Retina_Display

…When an Apple product has a Retina Display, each user interface widget is doubled in width and height to compensate for the smaller pixels. Apple calls this mode HiDPI mode. Apple has applied to register the term “Retina” as a trademark in regard to computers and mobile devices…

What I assume is happening is that the Retina script on your device is doing several different things and one of those things is being blocked by BPS. Since the images display correctly when viewing the site from a desktop interface and from a mobile device you can disregard these Security Log entries.
April 5, 2014 at 10:14 am #14609
David G
Participant

What I assume is happening is that the Retina script on your device is doing several different things and one of those things is being blocked by BPS. Since the images display correctly when viewing the site from a desktop interface and from a mobile device you can disregard these Security Log entries.

Is there any way to filter out these particular log entries? I tried entering in the code mentioned above regarding 2x – skip/bypass rule, but did not change anything, or is that for something else and I am not understanding?
April 5, 2014 at 10:23 am #14610
AITpro Admin
Keymaster

UPDATE: The solution is here: http://forum.ait-pro.com/forums/topic/problem-maybe-with-displaying-stats-in-admin-bar/page/3/#post-26494

You do not need to do anything – just ignore those log entries. BPS log files are automatically zipped and emailed to you. The BPS Security Log is just like a Server log. It logs information for troubleshooting, diagnostics and just general stuff. Log files are log files so unless you are troubleshooting something in particular then log entries are just log entries and nothing more needs to be done with, to or about them.

The Security Log alerts can be turned On or Off on the S-Monitor page so if the real question is “how to not be alerted about this” then the answer is to turn of Security Log alerts.
April 5, 2014 at 10:27 am #14612
AITpro Admin
Keymaster

The Security Log alerts can be turned On or Off on the S-Monitor page so if the real question is “how to not be alerted about this” then the answer is to turn of Security Log alerts.
April 5, 2014 at 10:50 am #14613
David G
Participant
I don’t want to turn off the logs, especially when testing the site. Can I use “Add User Agents/Bots to Ignore/Not Log to filter out these entries? In the last line of the error message it shows the quoted message below. If so what part of that do I add?
```
HTTP_USER_AGENT: Mozilla/5.0 (iPod touch; CPU iPhone OS 7_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D167 Safari/9537.53
```
April 5, 2014 at 11:01 am #14615
AITpro Admin
Keymaster

Sure if that is what you want to do. Just remember to remove that ignore rule after you are done. You can use any part of the User Agent string that is unique. Probably iPod touch is fine to use.
April 5, 2014 at 11:15 am #14620
David G
Participant
I used
```
iPod touch; CPU iPhone OS 7_1 like Mac OS X
```
and that worked. Not getting error messages now.

Thanks
April 5, 2014 at 11:28 am #14621
AITpro Admin
Keymaster

UPDATE: The solution is here: http://forum.ait-pro.com/forums/topic/problem-maybe-with-displaying-stats-in-admin-bar/page/3/#post-26494

Ok, but “Not getting error messages now.” is not the correct terminology. We are trying to correct the impression that Security Log entries are “errors”. The Security Log is a troubleshooting, diagnostic tool and it also logs blocked hackers, spammers, etc. I just want to reemphasize so that anyone viewing this Forum Topic will understand that the Security Log creates log entries based on HTTP Response Status Codes. Log entries are not “errors” in the sense that something is wrong. Log entries log events that occur. Those events can be several different things, but 99.99% of all log entries are blocked hackers, spammers, scrapers, bad bots, etc.

If we chose to add log events for HTTP Status Response 200 codes then the BPS Security Log would be identical to your Apache Server log that logs all Requests that are made to a website. That would be completely unnecessary and a waste of resources since your Apache Server is already logging these Requests/events. The Security Log only logs 403 HTTP Status Response Codes because that is all that we want to be looking at.
November 14, 2015 at 11:31 am #26317
impart
Participant
[Topic merged into this relevant Topic]
Hi,

I am using the WP Retina 2x plugin and everytime I call my website from my retina pad I get the following entries in my security log, this is when it wants to load my logos. Why is that? Thanks for your help!
```
[403 GET|HEAD Request: 14. November 2015 - 20:14]
Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
Solution: N/A - Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 178.162.xxx.xx
Host Name: hosted-by.leaseweb.com
SERVER_PROTOCOL: HTTP/1.0
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR: 178.162.xxx.xx
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: http://impure-art.com/
REQUEST_URI: /wp-content/uploads/2015/09/impure-logo@2x@2x.png
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Android 5.0.2; Tablet; rv:42.0) Gecko/42.0 Firefox/42.0

[403 GET|HEAD Request: 14. November 2015 - 20:14]
Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
Solution: N/A - Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 178.162.xxx.xx
Host Name: hosted-by.leaseweb.com
SERVER_PROTOCOL: HTTP/1.0
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR: 178.162.xxx.xx
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: http://impure-art.com/
REQUEST_URI: /wp-content/uploads/2015/09/impure-logo-trans@2x@2x.png
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Android 5.0.2; Tablet; rv:42.0) Gecko/42.0 Firefox/42.0
```
November 14, 2015 at 12:08 pm #26335
AITpro Admin
Keymaster

UPDATE: The solution is here: http://forum.ait-pro.com/forums/topic/problem-maybe-with-displaying-stats-in-admin-bar/page/3/#post-26494

Since you have a Proxy then add the IP address that you see in the REMOTE_ADDR Security Log entry field by doing the steps below. This may or may not affect/fix the Retina 2x image file Security Log logging issue. If you are still seeing the Security Log entries for Retina 2x image files then you can consider them nuisance errors and just ignore them since the Retina 2x image files are retrievable and are not actually being blocked.

Note: I checked your site with the Google Chome Developer Tools Mobile Device emulator using Apple iPad (emulate Touch Screen) and adjusted Pixel Ratio and your Logo displayed fine at all resolutions tested.

1. Add the IP Address that you see in the REMOTE_ADDR Security Log entry field in the Plugin Firewall Additional Whitelist Tools > Whitelist by Hostname (domain name) and IP Address tool.
2. Click the Save Whitelist Options button.
3. Click the Plugin Firewall BulletProof Mode Activate button.
November 14, 2015 at 12:24 pm #26339
impart
Participant

Thanks for your quick reply!!

Regarding your note, yes I can see your tryouts in my security log because I have these entries with the same (your) IP about 10 times now. So this means I can ignore the message, right? Because it doesn’t make sense to whitelist my IP if I also get the messages from your IP. Problem I see : If this happens everytime a retina image is called in the future when the website is finished the log will be full of these messages and I will never have a look at the log again searching for a real attack between all these messages…

[Security Log entry deleted]
Author

Posts

Viewing 15 posts - 1 through 15 (of 44 total)

1 2 3 →

You must be logged in to reply to this topic.

BulletProof Security Forum

Stats plugin – admin @ 2x.php file, @2x images, Retina, Responsive

Search Forums

Topic Tags