Viper Cache uploads folder – 403 error

[guy te watson]

I installed Vipercache on another of my sites and BPS UAEG is blocking it per the Security Log and an error message on my front page. Below is the log enties, is there a custom code that I can get for BPS to unblock this plugin? Thanks!

[403 GET Request: June 28, 2018 8:00 am]
BPS Pro:
WP: 4.8.1
Event Code: UAEGWR-HPRA
Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/
REMOTE_ADDR: 24.191.17.172
Host Name: ool-18bf11ac.dyn.optonline.net
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: http://XXXXXXXXXXX.net/
REQUEST_URI: /wp-content/uploads/vipercache/minified/aed2a5893a4ccf7ca0fcbc3e264be060/1530172708index.js
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0

[403 GET Request: June 28, 2018 8:00 am]
BPS Pro:
WP: 4.8.1
Event Code: UAEGWR-HPRA
Solution: https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/
REMOTE_ADDR: 24.191.17.172
Host Name: ool-18bf11ac.dyn.optonline.net
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: http://XXXXXXXXXXX.net/
REQUEST_URI: /wp-content/uploads/vipercache/minified/ce9fe47f91da17ae489f76192c0e7c2f/1530172708index.js
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0

[AITpro Admin]

Use the CUSTOM CODE UAEG Whitelisting Method shown on the Uploads Anti-Exploit Guard UAEG – Read Me First forum topic > https://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/.

Depending on which UAEG htaccess file type was created for your particular server type you will create one of these 2 whitelisting rules below.

This whitelist rule is most likely the whitelist rule that you will create for your server type (for Apache servers):
SetEnvIf Request_URI "vipercache/.*$" whitelist

This whitelist rule is not likely the whitelist rule that you will create for your server type (for LiteSpeed servers):
RewriteRule ^vipercache/.*$ - [L]

IMPORTANT:  Do not forget to do the last step >
If you have an Apache server (this step is not required if you have a LiteSpeed server):
Delete the # signs in front of #Require env whitelist and #Allow from env=whitelist shown highlighted in yellow below in your UAEG code that you copied to CUSTOM CODE UAEG.

# FORBID THESE FILE EXTENSIONS FROM BEING ACCESSED OR EXECUTED REMOTELY
<FilesMatch "\.(7z|as|bat|bin|cgi|chm|chml|class|cmd|com|command|dat|db|db2|db3|dba|dll|DS_Store|exe|gz|hta|htaccess|htc|htm|html|htx|idc|ini|ins|isp|jar|jav|java|js|jse|jsfl|json|jsp|jsx|lib|lnk|out|php|phps|php5|php4|php3|phtml|phpt|pl|py|pyd|pyc|pyo|shtm|shtml|sql|swf|sys|tar|taz|tgz|tpl|vb|vbe|vbs|war|ws|wsf|xhtml|xml|z)$">
<IfModule mod_authz_core.c>
#Require env whitelist
Require all denied
</IfModule>

<IfModule !mod_authz_core.c>
<IfModule mod_access_compat.c>
Order Allow,Deny
#Allow from env=whitelist
Deny from all
</IfModule>
</IfModule>
</FilesMatch>

[Author]

Posts