SiteLock Scan Blocked – SiteLockSpider 403 error

Home Forums BulletProof Security Free SiteLock Scan Blocked – SiteLockSpider 403 error

This topic contains 1 reply, has 2 voices, and was last updated by  AITpro Admin 2 years ago.

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #29750

    Deb
    Participant

    The GoDaddy hosting Sitelock app scan is not able to run. (GoDaddy pressed client into it before she talked to me and I put on BPSP.)
    Have thousands (did a count) of these types listing various pieces of script it gets caught for. Where do we allow this activity?
    I have the above code already there. Not allowing this activity.

    [403 GET Request: June 9, 2016 - 8:44 pm]
    Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
    Solution: N/A - Hacker/Spammer Blocked/Forbidden
    REMOTE_ADDR: 184.154.139.10
    Host Name: placeholder.sitelock.com
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_CLIENT_IP: 
    HTTP_FORWARDED: 
    HTTP_X_FORWARDED_FOR: 
    HTTP_X_CLUSTER_CLIENT_IP: 
    REQUEST_METHOD: GET
    HTTP_REFERER: 
    REQUEST_URI: <strong>multihtml.pl?multi=/etc/passwd%00html</strong>
    QUERY_STRING: 
    HTTP_USER_AGENT: SiteLockSpider [en] (WinNT; I ;Nav)
    [403 GET Request: June 9, 2016 - 8:10 pm]
    Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
    Solution: N/A - Hacker/Spammer Blocked/Forbidden
    REMOTE_ADDR: 184.154.139.10
    Host Name: placeholder.sitelock.com
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_CLIENT_IP: 
    HTTP_FORWARDED: 
    HTTP_X_FORWARDED_FOR: 
    HTTP_X_CLUSTER_CLIENT_IP: 
    REQUEST_METHOD: GET
    HTTP_REFERER: 
    REQUEST_URI: /cgi-bin2/
    QUERY_STRING: 
    HTTP_USER_AGENT: SiteLockSpider [en] (WinNT; I ;Nav)
    #29753

    AITpro Admin
    Keymaster

    Interesting problem.  SiteLock is scanning for things that BPS security rules are blocking.  So SiteLock is being blocked the same way a hacker would be blocked that was doing these exact same scans on your website looking for vulnerabilities/exploits.  So instead of trying to create any sort of whitelisting rules to allow these scans, I think the simplest solution is just to ignore/not log any SiteLock scan Security Log entries.

    To ignore/not log SiteLockSpider Bot log entries do these steps:

    1. Go to the Security Log page.
    2. Copy the SiteLockSpider Bot/User Agent name: SiteLockSpider into the Add User Agents|Bots to Ignore|Not Log text box.
    3. Click the Add|Ignore button.

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.