Home › Forums › BulletProof Security Free › Site Analyzer blocked – Submit Express Site Analyzer
- This topic has 10 replies, 3 voices, and was last updated 7 years, 7 months ago by
ila lila.
-
AuthorPosts
-
Mark
ParticipantWhen I try to use a site analyzer like www.submitexpress.com/analyzer/ I get a 403 error. Does this mean that search engine agents are being blocked too?
BPS .48.5 WP 3.5.1
AITpro Admin
KeymasterPost the error from your BPS Security log that directly relates to this error. DO NOT post your entire Security Log file and ONLY post the relevant log entry/error for this issue.
AITpro Admin
KeymasterIs this the Site Analyzer that you are talking about?
http://www.site-analyzer.com/en/report/forum.ait-pro.com
I just ran this on this Forum and there were no errors.
Oops I did not see that you posted a link to the Site Analyzer you are talking about. Will test that one.
AITpro Admin
KeymasterThe Security Log entry/error is:
>>>>>>>>>>> 403 GET or Other Request Error Logged - May 28, 2013 - 11:24 am <<<<<<<<<<< REMOTE_ADDR: 87.106.133.245 Host Name: 87.106.133.245 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: SiteAnalyzerBot
I am testing what is being blocked. Most likely this analyzer is making a HEAD Request.
AITpro Admin
KeymasterThere are actually several different things that are being blocked in this analyzer script/site: http: //www.submitexpress.com/cgi-bin/analyzer/metahtn.pl. It might be possible to whitelist this script, but it would be very dangerous for your website to do that. What I recommend is that if you want to analyze your site with this Perl script metahtn.pl from this website then you will need to deactivate BulletProof Modes to perform the scan and after the scan is done turn your website security back on by activating BulletProof Modes again.
Mark
Participant>>>>>>>>>>>> 403 GET or Other Request Error Logged – May 28, 2013 – 10:33 am <<<<<<<<<<<
REMOTE_ADDR: 173.255.233.124
Host Name: sitecheck2.sucuri.net
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER:
REQUEST_URI: /readme.html
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6Not a problem to deactivate BPS to analyze. Just want to assure that Google and other search engines are able to index the site. Thanks.
AITpro Admin
KeymasterBPS does not block any good bots. What has happened is that when we added the Security Log folks started thinking that BPS blocks good bots. Bot scripts may be doing several different things at the same time and one of those things that the bot script is doing violates your website security rules/conditions. So the end result is that nothing negative occurs except that you end up with a 403 nuisance error in your Security Log for whatever additional thing that the bot script is doing that violates your website security rules/conditions.
The Sucuri error above occurs because BPS blocks browser access to your WordPress readme.html file in your root .htaccess file. To allow access to the WordPress readme.html file you would remove readme\.html| from this security filter in your root .htaccess file.
# DENY BROWSER ACCESS TO THESE FILES # wp-config.php, bb-config.php, php.ini, php5.ini, readme.html # Replace Allow from 88.77.66.55 with your current IP address and remove the # pound sign # from in front of the Allow from line of code below to access these # files directly from your browser. <FilesMatch "^(wp-config\.php|php\.ini|php5\.ini|readme\.html|bb-config\.php)"> Order allow,deny Deny from all #Allow from 88.77.66.55 </FilesMatch>
Mark
ParticipantThanks. I did not realize that what I posted was the sucuri log entry. I received no error message in my browser when I did the sucuri scan. I did get the <b>Error: 403 Forbidden</b> in my browser every time I ran www.submitexpress.com/analyzer. However I am not finding anything in the Security Log for www.submitexpress.com.
Also, http://www.site-analyzer.com/ seems to run OK.
AITpro Admin
KeymasterYes, Sucuri expects that you have protected your readme.html file since they are a website security provider and handle this gracefully by not displaying any unnecessary/nuisance error messages.
Yes, submitexpress is handling error reporting on their end in the Perl script.
I posted the submitexpress error above – it is the SiteAnalyzerBot log entry, but there are several things that this script is doing and to whitelist all of the things required to allow this script full access to protected folders and files this would open up several very dangerous security vulnerabilities for your website. Since this is not an ongoing thing that is needed then the simple solution is to drop your website defenses temporarily to allow this script to do what it does.
AITpro Admin
KeymasterActually the SiteAnalyzerBot log entries were some other nuisance bot that just happened to be doing what nuisance bots do – being a nuisance – at the same time that I was testing the analyzer site. This is not a legitmate bot and is just another junk bot – one of millions of junk bots.
ila lila
Participant[Looks like a typical non-useful SPAM link so the link has been nulled]
Submit Express Site Analyzer websitehttp://seo1s.com
-
AuthorPosts
- You must be logged in to reply to this topic.