Rank Math 403 Error
Terry
Participant
I have the free version of Rank Math installed and attached to Google Analytics. When trying to save settings I get a 403 error unless I deactivate the root .htaccess. Even then I am not seeing traffic displayed even though I can log in directly to Google Analytics and select realtime and see if I browse to the site and different pages. Is there some whitelist code to allow the analytics to reach the website?
AITpro Admin
Keymaster
Go to the BPS Pro > Security Log page > copy and paste any relevant Security Log entries in your forum reply.
Terry
Participant
Here is the error:
[403 POST Request: May 17, 2021 - 9:54 am]
BPS Pro: 15.4.1
WP: 5.7.2
Event Code: WPADMIN-SBR
Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: 172.127.70.3
Host Name: 172-127-70-3.lightspeed.snantx.sbcglobal.net
SERVER_PROTOCOL: HTTP/2.0
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: POST
HTTP_REFERER: https://www.copsalive.com/wp-admin/admin.php?page=rank-math-options-general
REQUEST_URI: /wp-admin/admin-post.php
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36
REQUEST BODY: BPS Security Log option set to: Do Not Log POST Request Body Data
AITpro Admin
Keymaster
What is being blocked is a POST Request. So that means you are using the BPS POST Attack Protection Bonus Custom Code. Either remove/delete the BPS POST Attack Protection Bonus Custom Code from BPS Custom Code or do the steps below.
1. The BPS POST Attack Protection Bonus Custom Code should be in Custom Code text box: 8. CUSTOM CODE WP REWRITE LOOP START. See example below (Do not use the example code below – use your actual Root htaccess file code and your POST Attack Protection custom code). If the POST Attack Protection code is in any other Custom Code text box then cut and paste it into Custom Code text box #8 as shown below (Do not use the example code – use your actual code).
2. Edit your POST Attack Protection custom code and add this whitelist rule (see example below). You can use the example whitelist rule and add it to your existing POST Attack Protection custom code.
Important Note: Copy your BPS Root htaccess file WP REWRITE LOOP START section of code into Custom Code text box #8. Do not use the example code below. This example custom code is for this forum site – use your actual custom code and not this example code below.
Whitelist rule for Rank Math (see the example code below for where the whitelist rule goes in your POST Attack Protection code):
# Whitelist Rank Math POST Request by Query String
RewriteCond %{QUERY_STRING} !^page=rank-math-options-general(.*) [NC]

# WP REWRITE LOOP START
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteCond %{HTTPS} !=on
RewriteCond %{SERVER_PORT} ^80
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteRule ^index\.php$ - [L]
# BPS POST Request Attack Protection
RewriteCond %{REQUEST_METHOD} POST [NC]
# NEVER COMMENT OUT THIS LINE OF CODE BELOW FOR ANY REASON
RewriteCond %{REQUEST_URI} !^.*/wp-admin/ [NC]
# NEVER COMMENT OUT THIS LINE OF CODE BELOW FOR ANY REASON
RewriteCond %{REQUEST_URI} !^.*/wp-cron.php [NC]
# NEVER COMMENT OUT THIS LINE OF CODE BELOW FOR ANY REASON
RewriteCond %{REQUEST_URI} !^.*/wp-login.php [NC]
# Whitelist WP JSON POST Requests by Query String
RewriteCond %{QUERY_STRING} !^_locale=(.*) [NC]
# Whitelist the WordPress Theme Customizer
RewriteCond %{HTTP_REFERER} !^.*/wp-admin/customize.php [NC]
# Whitelist XML-RPC Pingbacks, JetPack and Remote Posting POST Requests
#RewriteCond %{REQUEST_URI} !^.*/xmlrpc.php [NC]
# Whitelist JSON POST Requests - Jetpack|Contact Form 7|etc.
RewriteCond %{REQUEST_URI} !^.*/wp-json/(.*) [NC]
# Whitelist Jetpack POST Request to wp-load.php by Query String
RewriteCond %{QUERY_STRING} !^for=jetpack(.*) [NC]
# Whitelist Network|Multisite Signup POST Form Requests
RewriteCond %{REQUEST_URI} !^.*/wp-signup.php [NC]
# Whitelist Network|Multisite Activate POST Form Requests
RewriteCond %{REQUEST_URI} !^.*/wp-activate.php [NC]
# Whitelist Trackback POST Requests
#RewriteCond %{REQUEST_URI} !^.*/wp-trackback.php [NC]
# Whitelist Comments POST Form Requests
RewriteCond %{REQUEST_URI} !^.*/wp-comments-post.php [NC]
# Forum POST Search
RewriteCond %{REQUEST_URI} !^.*/search/ [NC]
# bbPress/BuddyPress forum posting
RewriteCond %{REQUEST_URI} !^.*/forums/.* [NC]
# bbPress/BuddyPress forum Register Post form
RewriteCond %{REQUEST_URI} !^.*/register/ [NC]
# bbPress/BuddyPress Members/profile form
RewriteCond %{REQUEST_URI} !^.*/members/ [NC]
# bbPress/BuddyPress Activate User Account URL/form
RewriteCond %{REQUEST_URI} !^.*/activate/.* [NC]
# Whitelist Rank Math POST Request by Query String
RewriteCond %{QUERY_STRING} !^page=rank-math-options-general(.*) [NC]
RewriteRule ^(.*)$ - [F]
AITpro Admin
Keymaster
Actually the POST Attack Protection bonus Custom Code does not block any POST Requests in the wp-admin area by default. Did you comment out this whitelist rule below?
# NEVER COMMENT OUT THIS LINE OF CODE BELOW FOR ANY REASON
RewriteCond %{REQUEST_URI} !^.*/wp-admin/ [NC]
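Added example, not part of the thread and not BPS code: Python that parses the request fields out of a flattened Security Log entry and walks a subset of the POST Attack Protection conditions posted above in mod_rewrite's AND order, reporting which condition decides the outcome. The sample entry is constructed on the pattern of the log posted above with example.com as a placeholder host, and `parse_entry`, `cond_holds` and `evaluate` are names made up for this example.

```python
import re

# Subset of the RewriteCond lines from the POST Attack Protection example in
# this thread, as (variable, pattern). "!" negates; all are [NC] and ANDed.
CONDS = [
    ("REQUEST_METHOD", "POST"),
    ("REQUEST_URI", "!^.*/wp-admin/"),
    ("REQUEST_URI", "!^.*/wp-cron.php"),
    ("REQUEST_URI", "!^.*/wp-login.php"),
    ("HTTP_REFERER", "!^.*/wp-admin/customize.php"),
    ("REQUEST_URI", "!^.*/wp-json/(.*)"),
    ("QUERY_STRING", "!^page=rank-math-options-general(.*)"),
]
FIELDS = ["REQUEST_METHOD", "HTTP_REFERER", "REQUEST_URI", "QUERY_STRING",
          "HTTP_USER_AGENT"]

# Constructed sample modeled on the log entry above; example.com is a placeholder.
SAMPLE = ("REQUEST_METHOD: POST HTTP_REFERER: https://example.com/wp-admin/"
          "admin.php?page=rank-math-options-general REQUEST_URI: "
          "/wp-admin/admin-post.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0")

def parse_entry(text):
    """Split a flattened Security Log entry into the fields named in FIELDS."""
    hits = list(re.finditer(r"\b(" + "|".join(FIELDS) + r"):", text))
    out = {}
    for i, m in enumerate(hits):
        end = hits[i + 1].start() if i + 1 < len(hits) else len(text)
        out[m.group(1)] = text[m.end():end].strip()
    return out

def cond_holds(var, pattern, req):
    """True when one RewriteCond is satisfied (after applying '!' negation)."""
    matched = re.search(pattern.lstrip("!"), req.get(var, ""), re.I) is not None
    return matched != pattern.startswith("!")

def evaluate(req):
    """Return (blocked, deciding_condition) for RewriteRule ^(.*)$ - [F]."""
    for var, pattern in CONDS:
        if not cond_holds(var, pattern, req):
            return False, (var, pattern)   # first false condition: rule is skipped
    return True, None                      # every condition held: 403

if __name__ == "__main__":
    req = parse_entry(SAMPLE)
    print(req["QUERY_STRING"] == "", evaluate(req))
    print(cond_holds("QUERY_STRING", CONDS[-1][1], req))  # True: no exemption
```

For a request shaped like the logged one, the chain stops at the `/wp-admin/` condition, so this rule set does not return the 403. The `page=rank-math-options-general` value sits in HTTP_REFERER while QUERY_STRING is empty, so the query-string condition does not exempt the request.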
Terry
Participant
I don’t see the bonus code so couldn’t delete it. Tried it on another site with same problems. Found additional entries in security log as shown below:
[403 POST Request: May 18, 2021 - 10:15 am]
BPS Pro: 15.4.1
WP: 5.7.2
Event Code: WPADMIN-SBR
Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: GDPR Compliance On
Host Name: 172-127-70-3.lightspeed.snantx.sbcglobal.net
SERVER_PROTOCOL: HTTP/2.0
HTTP_CLIENT_IP: GDPR Compliance On
HTTP_FORWARDED: GDPR Compliance On
HTTP_X_FORWARDED_FOR: GDPR Compliance On
HTTP_X_CLUSTER_CLIENT_IP: GDPR Compliance On
REQUEST_METHOD: POST
HTTP_REFERER: https://vtechteam.com/wp-admin/admin.php?page=rank-math-options-general
REQUEST_URI: /wp-admin/admin-post.php
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36
REQUEST BODY: BPS Security Log option set to: Do Not Log POST Request Body Data
===============================================================================
[Plugin Firewall AutoPilot Mode New Whitelist Rule(s) Created: May 18, 2021 - 10:13 am]
BPS Pro: 15.4.1
WP: 5.7.2
Whitelist Rule: /seo-by-rank-math/vendor/cmb2/cmb2/js/cmb2.min.js
Whitelist Rule: /seo-by-rank-math/assets/vendor/jquery.validate.min.js
Whitelist Rule: /seo-by-rank-math/assets/vendor/select2/select2.min.js
Whitelist Rule: /seo-by-rank-math/assets/admin/js/validate.js
Whitelist Rule: /seo-by-rank-math/assets/admin/js/wizard.js
Whitelist Rule: /seo-by-rank-math/assets/admin/js/common.js
[Internal Usage: AFS Cron: Prior ARQ Cron Status: On | May 18, 2021 - 10:13 am]
[Internal Usage: AFS Cron: WP /languages/ folder backup | May 18, 2021 - 10:13 am]
[Internal Usage: AFS Cron: ARQ Cron was turned On | May 18, 2021 - 10:13 am]
[AutoRestore Turned Off Cron Check: May 18, 2021 - 10:14 am]
This Security Log entry is created when AutoRestore is turned Off on your website. To change or turn Off this setting go to the BPS Pro S-Monitor page, under Email Alerting & Log File Options change the ARQ: When AutoRestore|Quarantine is Turned Off option setting to whatever setting you would like to use instead.
================================================================================
[403 GET Request: May 18, 2021 - 10:10 am]
BPS Pro: 15
WP: 5.7.2
Event Code: PFWR-PSBR-HPRA
Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: GDPR Compliance On
Host Name: 172-127-70-3.lightspeed.snantx.sbcglobal.net
SERVER_PROTOCOL: HTTP/2.0
HTTP_CLIENT_IP: GDPR Compliance On
HTTP_FORWARDED: GDPR Compliance On
HTTP_X_FORWARDED_FOR: GDPR Compliance On
HTTP_X_CLUSTER_CLIENT_IP: GDPR Compliance On
REQUEST_METHOD: GET
HTTP_REFERER: https://vtechteam.com/wp-admin/admin.php?page=rank-math-wizard&step=analytics&rankmath_security=91ce8f4091
REQUEST_URI: /wp-content/plugins/seo-by-rank-math/vendor/cmb2/cmb2/js/cmb2.min.js?ver=2.9.0
QUERY_STRING: ver=2.9.0
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36
==================================================================================
Terry
Participant
I can give you access in to the site if needed. There is only code in a few boxes that I believe were added by BPS setup.
AITpro Admin
Keymaster
Do these troubleshooting steps below and test to see if Rank Math is working or not.
https://forum.ait-pro.com/forums/topic/read-me-first-pro/#bps-pro-general-troubleshooting
1. On the Security Modes page, click the Root Folder BulletProof Mode Deactivate button. See Custom Code Note if doing this step works.
2. On the Security Modes page, click the wp-admin Folder BulletProof Mode Deactivate button. See Custom Code Note if doing this step works.
3. On the Security Modes page, click the Plugin Firewall BulletProof Mode Deactivate button. See Plugin Firewall Test Mode Note.
Also there are known issues with ModSecurity blocking/preventing saving settings in Rank Math. If you are still seeing 403 errors after doing the BPS Pro troubleshooting steps then you will need to contact your web host and have them fix the ModSecurity problem.
Terry
Participant
I have done the troubleshooting by deactivating the security modes and see that when I deactivate the root security then it works. I then went and removed the custom code from the root and reactivated it and it would still fail. So the custom code is not the issue. Every time I activate the root security it fails and every time I deactivate the root security it works.
The error in the error log is:
[403 POST Request: May 19, 2021 - 7:22 pm]
BPS Pro: 15.4.1
WP: 5.7.2
Event Code: WPADMIN-SBR
Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: GDPR Compliance On
Host Name: 172-127-70-3.lightspeed.snantx.sbcglobal.net
SERVER_PROTOCOL: HTTP/2.0
HTTP_CLIENT_IP: GDPR Compliance On
HTTP_FORWARDED: GDPR Compliance On
HTTP_X_FORWARDED_FOR: GDPR Compliance On
HTTP_X_CLUSTER_CLIENT_IP: GDPR Compliance On
REQUEST_METHOD: POST
HTTP_REFERER: https://vtechteam.com/wp-admin/admin.php?page=rank-math-options-general
REQUEST_URI: /wp-admin/admin-post.php
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36
REQUEST BODY: BPS Security Log option set to: Do Not Log POST Request Body Data
AITpro Admin
Keymaster
Oops, looks like I missed this one. Sorry about that. Is this problem still going on? If so, then yeah send me a login to your site and I’ll get this fixed.