Home › Forums › BulletProof Security Free › Twitter Cards Images – 403 error
Tagged: 403 error
- This topic has 4 replies, 2 voices, and was last updated 5 years, 11 months ago by
Javier.
-
AuthorPosts
-
Javier
ParticipantHi,
when I submit a new twitter I want to show a image with the link, but the image is not showed due to BPS htaccess root file. When I’ve deactivated Root Folder BulletProof Mode (RBM) the images start to be showed.How can I whitelist twitter to access directly images and not having a 403 forbidden?? Same will be fine for google images and facebook.
Thanks in advance.
AITpro Admin
KeymasterGo to the BPS Security Log page and copy the Security Log entry that shows what is being blocked in Twitter Cards and paste the Security Log entry in your forum reply. Are you using a plugin that adds Twitter Cards or are you using a custom script that adds Twitter Cards?
Javier
ParticipantHi, I’m adding the cards manually in the header of thw web. Here is the log
Twitter: [403 GET Request: 28/06/2017 - 15:40] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 199.59.150.180 Host Name: r-199-59-150-180.twttr.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/2013/09/apis_melliferav.jpg QUERY_STRING: HTTP_USER_AGENT: Twitterbot/1.0 Google: [403 GET Request: 28/06/2017 - 15:40] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 81.41.133.90 Host Name: 90.red-81-41-133.staticip.rima-tde.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://www.google.es/ REQUEST_URI: /wp-content/uploads/2013/04/pulpo-mimetico2.jpg QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Facebook: [403 GET Request: 28/06/2017 - 15:41] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 2a03:2880:3010:cfe9:face:b00c:0:8000 Host Name: 2a03:2880:3010:cfe9:face:b00c:0:8000 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/2014/02/silky-ant-eaterv.jpg QUERY_STRING: HTTP_USER_AGENT: facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)
Thank you
AITpro Admin
KeymasterI don’t see anything in the Security Log entry that you posted that would be blocked. When I test the link from your Twitter account to your website the link works fine. When I test viewing the image in Google Images and from your website directly the image opens fine. Have you added any additional custom htaccess code to BPS Custom Code? If so, post your custom htaccess code in your forum reply. Another possibility could be that a HEAD Request is being made in addition to an image GET Request. Try whitelisting all HEAD Requests using the steps below.
1. Copy the htaccess code below to this BPS Root Custom Code text box: CUSTOM CODE REQUEST METHODS FILTERED.
2. Click the Save Root Custom Code button.
3. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.# REQUEST METHODS FILTERED # If you want to allow HEAD Requests use BPS Custom Code and copy # this entire REQUEST METHODS FILTERED section of code to this BPS Custom Code # text box: CUSTOM CODE REQUEST METHODS FILTERED. # See the CUSTOM CODE REQUEST METHODS FILTERED help text for additional steps. RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC] RewriteRule ^(.*)$ - [F] #RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC] #RewriteRule ^(.*)$ /wp-content/plugins/bulletproof-security/405.php [L]
Javier
ParticipantHi, thans for the info. Finally I’ve updated the plugin and all is working ok. Now the twitter images are not grey and are readed correctly. Thank you!
-
AuthorPosts
- You must be logged in to reply to this topic.