UptimeRobot – Whitelist UptimeRobot Bot


Viewing 15 posts - 1 through 15 (of 26 total)
  • #3570
    protection
    Participant

    Hello –

    I upgraded my BPS Pro plugin to version 5.7 today.  I’m getting a bunch of these 403 errors in my security log:

    >>>>>>>>>>> 403 GET or Other Request Error Logged - March 29, 2013 - 11:49 am <<<<<<<<<<<
    REMOTE_ADDR: 74.86.158.106
    Host Name: 74.86.158.106-static.reverse.softlayer.com
    HTTP_CLIENT_IP: 
    HTTP_FORWARDED: 
    HTTP_X_FORWARDED_FOR: 
    HTTP_X_CLUSTER_CLIENT_IP: 
    REQUEST_METHOD: GET
    HTTP_REFERER: 
    REQUEST_URI: /
    QUERY_STRING: 
    HTTP_USER_AGENT: Mozilla/5.0+(compatible; UptimeRobot/2.0; http://www.uptimerobot.com/)

    Seeing as this isn’t pointing to any type of plugin or URL, what could be the problem?

    #3572
    protection
    Participant

    Update – I am using uptimerobot.com to test when my site might be down.  How can I add them to the whitelist?
    I did, however, see other messages like this that didn’t display uptimerobot.com

    #3578
    AITpro Admin
    Keymaster

    If you would like to allow a Bot to make HEAD Requests on your website then modify this Request Method filter in your Root .htaccess file and add the name of the Bot that you want to allow to make a HEAD Request on your website.  Example Bot:  UptimeRobot/1.0.  You would add only the Bot name and not the version number to the HTTP_USER_AGENT whitelist condition:

    RewriteCond %{HTTP_USER_AGENT} !^(UptimeRobot) [NC]

    BPS Pro 11.6+ & BPS free .53.2+
    You may see this code or the 11.5+/.53.1+ code in your root htaccess file.  The code does the same exact thing and is whitelisted in the same exact way.

    # REQUEST METHODS FILTERED
    # If you want to allow HEAD Requests use BPS Custom Code and copy
    # this entire REQUEST METHODS FILTERED section of code to this BPS Custom Code
    # text box: CUSTOM CODE REQUEST METHODS FILTERED.
    # See the CUSTOM CODE REQUEST METHODS FILTERED help text for additional steps.
    RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]
    RewriteRule ^(.*)$ - [F]
    #RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC]
    #RewriteRule ^(.*)$ /wp-content/plugins/bulletproof-security/405.php [L]

    BPS Pro 11.5+ & BPS free .53.1+

    # REQUEST METHODS FILTERED
    # If you want to allow HEAD Requests use BPS Custom Code and copy
    # this entire REQUEST METHODS FILTERED section of code to this BPS Custom Code
    # text box: CUSTOM CODE REQUEST METHODS FILTERED.
    # See the CUSTOM CODE REQUEST METHODS FILTERED help text for additional steps.
    RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]
    RewriteRule ^(.*)$ - [F]
    RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC]
    RewriteCond %{HTTP_USER_AGENT} !^(UptimeRobot|bot2|bot3|bot4) [NC]
    RewriteRule ^(.*)$ - [R=405,L]

    BPS Pro 11.4|BPS free .53 and lower versions

    # REQUEST METHODS FILTERED
    # This filter is for blocking junk bots and spam bots from making a HEAD request, but may also block some
    # HEAD requests from bots that you want to allow in certain cases. This is not a security filter and is just
    # a nuisance filter. This filter will not block any important bots like the google bot. If you want to allow
    # all bots to make a HEAD request then remove HEAD from the Request Method filter.
    # The TRACE, DELETE, TRACK and DEBUG request methods should never be allowed against your website.
    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK|DEBUG) [NC]
    RewriteCond %{HTTP_USER_AGENT} !^(UptimeRobot|bot2|bot3|bot4) [NC]
    RewriteRule ^(.*)$ - [F,L]

    #5005
    protection
    Participant

    Many thanks to you for this solution!  Sorry, I did not know you had responded until today.

    #5008
    protection
    Participant

    Update – It looks like I spoke too soon up above, but the resolution in http://wordpress.org/support/topic/bps-pro-blocking-uptime-monitor forum seemed to do the trick!  I had to add the below info to my plugin .htaccess file. The funny thing is that I don’t have a plugin using uptimeRobot.

    #5016
    AITpro Admin
    Keymaster

    Just because you see a logged User Agent does not mean it is really that User Agent.  I have had hacking attempts by Google, MSN and Yahoo.  Last time I checked Google, MSN and Yahoo don’t do any hacking. LOL

    #5017
    protection
    Participant

    And sorry, I could not get the ‘code’ format in my last post to work, but I think you know what I mean 😉

    #5018
    protection
    Participant

    Good to know!

    #5019
    AITpro Admin
    Keymaster

    Other tags that make the nice gray background are “pre” tags.  You can use both pre and code tags together pre code – code pre with opening and closing angle brackets. < and >

    #5022
    protection
    Participant

    Yeah, I tried doing that, but for whatever reason didn’t work

    #5024
    AITpro Admin
    Keymaster

    Hmm I had assumed the pre tags were allowed by default.  I will add them tomorrow.

    #5030
    protection
    Participant

    Yet another update – I felt a bit uncomfortable with the last workaround, even though I stopped getting the security alert error messages. What I did was revert my .htaccess files (root and plugins directory) to what they were prior to me changing them. I then added ‘UptimeRobot’ to the section in the security log named ‘Add User Agents/Bots to Ignore/Not Log’. This seems to have done the trick for not getting the alert 🙂

    #5104
    protection
    Participant

    Yet another update in case somebody in the future has this problem –  As opposed to setting the rewrite condition for HTTP_USER_AGENT I tried the rewrite condition on the REMOTE_ADDRESS and it works fine.  I know UptimeRobot has about 7 IP addresses, so I’ll probably add them all later on.  Below is what worked for me in my root .htaccess file.
    Note: Before I attempted adding this to my root .htaccess I removed ‘UptimeRobot’ from my list of agents/bots to ignore and made sure to have security logging enabled, just to make sure that this is truly whitelisting the IP.

    BPS Pro 11.6+ & BPS free .53.2+
    You may see this code or the 11.5+/.53.1+ code in your root htaccess file.  The code does the same exact thing and is whitelisted in the same exact way.

    # REQUEST METHODS FILTERED
    # If you want to allow HEAD Requests use BPS Custom Code and copy
    # this entire REQUEST METHODS FILTERED section of code to this BPS Custom Code
    # text box: CUSTOM CODE REQUEST METHODS FILTERED.
    # See the CUSTOM CODE REQUEST METHODS FILTERED help text for additional steps.
    RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]
    RewriteRule ^(.*)$ - [F]
    #RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC]
    #RewriteRule ^(.*)$ /wp-content/plugins/bulletproof-security/405.php [L]

    BPS Pro 11.5+ & BPS free .53.1+

    # REQUEST METHODS FILTERED
    # If you want to allow HEAD Requests use BPS Custom Code and copy
    # this entire REQUEST METHODS FILTERED section of code to this BPS Custom Code
    # text box: CUSTOM CODE REQUEST METHODS FILTERED.
    # See the CUSTOM CODE REQUEST METHODS FILTERED help text for additional steps.
    RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]
    RewriteRule ^(.*)$ - [F]
    RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC]
    # Whitelist by source IP: dots escaped and pattern anchored so only this exact address matches
    RewriteCond %{REMOTE_ADDR} !^74\.86\.158\.107$
    RewriteRule ^(.*)$ - [R=405,L]

    BPS Pro 11.4|BPS free .53 and lower versions

    # REQUEST METHODS FILTERED
    # This filter is for blocking junk bots and spam bots from making a HEAD request, but may also block some
    # HEAD requests from bots that you want to allow in certain cases. This is not a security filter and is just
    # a nuisance filter. This filter will not block any important bots like the google bot. If you want to allow
    # all bots to make a HEAD request then remove HEAD from the Request Method filter.
    # The TRACE, DELETE, TRACK and DEBUG request methods should never be allowed against your website.
    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK|DEBUG) [NC]
    # Whitelist by source IP: dots escaped and pattern anchored so only this exact address matches
    RewriteCond %{REMOTE_ADDR} !^74\.86\.158\.107$
    RewriteRule ^(.*)$ - [F,L]
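
Added example, not part of any post in this thread and not BulletProof Security code: a small Python model of how the User-Agent and REMOTE_ADDR variants of the "BPS Pro 11.5+" HEAD filter decide. It shows that the `^`-anchored User-Agent condition only exempts agents that begin with the bot name, that the name is client-supplied, and that the IP condition depends on neither. Assumptions: Python's `re` stands in for mod_rewrite's regex engine, the requests are constructed, and 203.0.113.9 is a documentation-range placeholder.

```python
import re

# RewriteCond stacks from the thread's "BPS Pro 11.5+" HEAD filter,
# as (server variable, pattern, negated). Consecutive conditions are ANDed.
UA_RULE = [("REQUEST_METHOD", r"^(HEAD)", False),
           ("HTTP_USER_AGENT", r"^(UptimeRobot|bot2|bot3|bot4)", True)]
# IP variant, written here with escaped dots and an end anchor.
IP_RULE = [("REQUEST_METHOD", r"^(HEAD)", False),
           ("REMOTE_ADDR", r"^74\.86\.158\.107$", True)]


def blocked(rule, request):
    """Return True when every condition holds, i.e. the 405 rule fires."""
    for var, pattern, negated in rule:
        # re.IGNORECASE models the [NC] flag
        hit = re.search(pattern, request.get(var, ""), re.IGNORECASE) is not None
        if hit == negated:  # this condition is false, so the rule is skipped
            return False
    return True


# User-Agent string from the security log entry in the first post.
LOGGED_UA = "Mozilla/5.0+(compatible; UptimeRobot/2.0; http://www.uptimerobot.com/)"

# Constructed requests (not taken from any real log).
REQUESTS = {
    "monitor, short UA": {"REQUEST_METHOD": "HEAD", "REMOTE_ADDR": "74.86.158.107",
                          "HTTP_USER_AGENT": "UptimeRobot/1.0"},
    "monitor, logged UA": {"REQUEST_METHOD": "HEAD", "REMOTE_ADDR": "74.86.158.107",
                           "HTTP_USER_AGENT": LOGGED_UA},
    "other host, claims UptimeRobot": {"REQUEST_METHOD": "HEAD", "REMOTE_ADDR": "203.0.113.9",
                                       "HTTP_USER_AGENT": "UptimeRobot/1.0"},
    "other host, GET": {"REQUEST_METHOD": "GET", "REMOTE_ADDR": "203.0.113.9",
                        "HTTP_USER_AGENT": "Mozilla/5.0"},
}


def decisions():
    """Map each request name to (blocked by UA rule, blocked by IP rule)."""
    return {name: (blocked(UA_RULE, req), blocked(IP_RULE, req))
            for name, req in REQUESTS.items()}


if __name__ == "__main__":
    for name, (ua, ip) in decisions().items():
        print(f"{name:32} UA rule: {'405' if ua else 'pass'}   IP rule: {'405' if ip else 'pass'}")
```
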

    #5108
    protection
    Participant

    Sorry, I wish I could get the formatting to work up above 🙁

    #5109
    AITpro Admin
    Keymaster

    After BPS Pro 5.8 is released either tonight or tomorrow I will look at adding pre tags as an option in the Forum.  They are currently being blocked so code tags are the only option available to non-admins.  Thanks for using the code tags.
