Cannot load bulletproof-security/admin/tools/tools.php

Home Forums BulletProof Security Pro Cannot load bulletproof-security/admin/tools/tools.php

This topic contains 14 replies, has 2 voices, and was last updated by  AITpro Admin 5 years, 3 months ago.

Viewing 15 posts - 1 through 15 (of 15 total)
  • Author
    Posts
  • #14143

    Dennis
    Participant

    Greetings –

    When I try to upgrade from V8.2 of BPS Pro for any of my add on domains, I get an error message:

    "Cannot load bulletproof-security/admin/tools/tools.php. Cannot load bulletproof-security/admin/tools/tools.php."

    If I try to go directly to BPS Pro | Pro-Tools in the left sidebar of the admin area, I get a 404 for the URL

    "http://www.addon.mywebsite.com/wp-admin/bulletproof-security/admin/tools/tools.php."

    In fact, there is no /wp-admin/bulletproof-security/ folder in cPanel’s file manager.

    The main domain does not have that problem. I’m able to access the BPS Pro | Pro-Tools link cited above, but its format is a little different –

    "http://www.mywebsite.com/wp-admin/admin.php?page=bulletproof-security/admin/tools/tools.php#bps-tabs-15"

    How can I get and install the latest upgrade for the add on domains – or get rid of the error so I’m able to upgrade from the plugins page? Thanks!

    #14146

    AITpro Admin
    Keymaster

    Most likely the BPS Pro tools.php file has been quarantined by your Host.  We recently had a similar experience on Go Daddy.  Go Daddy has implemented Anti-Virus protection which is nicknamed GDAV.  So far a couple of BPS Pro files have been randomly quarantined.  The GDAV quarantine technique is to rename the file extension to .gdav and lock the file so that you cannot rename it back to its original name and you cannot change permissions for a file if it is quarantined by GDAV.  Example:  php-options.php.gdav.

    Which web host do you have?

    #14150

    Dennis
    Participant

    I’m using A Small Orange. At first blush, a quarantine issue doesn’t seem to be the problem, since the main domain works. When I use the “Manual Upgrade Check” link on the plugins page, it takes me to the “Plugin Update Check” tab of the Pro-Tools page. Clicking on the “Force Plugin Update Check” gives me a “Success! Click Here to go to the WordPress Plugins page and then Refresh your Browser. You will see new plugin updates if any are available.” Clicking that link takes me back to the plugins page, and when I refresh that page as directed, I get a message that “There is a new version of BulletProof Security Pro available. View version 8.3 details or update now.” Finally, clicking on the “update now” makes the update happen – for the main site only.

    The bulletproof-security directory (linked at the Pro-Tools in the BPS Pro sidebar), and any sub directories or files are missing for /wp-admin/bulletproof-security/ for all the sites – both the main domain and the add on domains. No directories or files have been renamed – they’re just missing. What is curious is that the “Pro-Tools” link in the BPS Pro sidebar is different for the add on domains versus the main domain. Any quarantine shouldn’t modify the link in the sidebar. (?!)

    There was no similar problem with the upgrade to v8.2.

    I’ll check to see if there’s any quarantine imposed by A Small Orange, and get back with you as soon as they respond.

    #14151

    AITpro Admin
    Keymaster

    Yep, let me know what your Host says.  My hunch is that files and/or folders have been quarantined by the Host.  Some Hosts just automatically delete the tools.php file since it contains PHP functions that can be used maliciously, but of course can be used legitimately like the tools.php file is doing.

    #14152

    Dennis
    Participant

    A Small Orange responded – “Tools.php seems to exist in all the directories. I did a diff between the tools.php file for the main site and a couple of the add on domains, and it did not show any differences. I am also not seeing our scanner flagging the file.”

    Tools.php exists in /wp-admin/ for all the domains, so no problem there.

    The /wp-admin/bulletproof-security/ directory does not exist however, so the update process fails for the add on domains.  The sidebar link dies trying to find tools.php in a subdirectory within /bulletproof-security/.

    Thoughts?

    #14153

    AITpro Admin
    Keymaster

    I guess you will need to work with your Host to figure this out.  No one has ever reported anything like this before so it is isolated to your website/server/host.  I cannot think of any logical guesses either.  Does not make any sense to me at all.  Sorry.

    #14154

    AITpro Admin
    Keymaster

    What happens when you manually upload the /bulletproof-security plugin folder to one of these add-on domains?  Do you see the /bulletproof-security folder or does it disappear/get deleted, etc?

    #14155

    AITpro Admin
    Keymaster

    Oh wait a minute I just noticed that you are looking in the wrong folder:  /wp-admin/bulletproof-security/

    All WordPress plugins are installed in the plugins folder here:  /wp-content/plugins/bulletproof-security/

    #14158

    Dennis
    Participant

    Yep, the directory is the problem. Check out a screen shot for the main domain at http://www.managemagicjack.com/wp-content/uploads/2014/03/Main-domain.jpg, which shows the sidebar link for Pro-Tools in the status bar at the bottom of the page. The status bar shortened it a bit, but here’s the whole link:

    http://www.lifeslittlechallenges.com/wp-admin/admin.php?page=bulletproof-security/admin/tools/tools.php

    The link above works, as it points to tools.php in /wp-content/plugins/bulletproof-security/admin/tools/.

    Conversely, the sidebar links for Pro-Tools in all the add on domains are similar; one is shown in the screen capture at http://www.managemagicjack.com/wp-content/uploads/2014/03/Add-ons.jpg . Note that the link shown in the status bar is significantly different, and only reads

    http://www.site-solutions.com/wp-admin/bulletproof-security/admin/tools/tools.php

    This sidebar link fails, as there is no /wp-admin/bulletproof-security/ directory. Given the absence of the /wp-admin/bulletproof-security/ directory, there can be no sub-directories or files, and subsequently there is no tools.php available; an error message is returned instead.

    It appears my installation of BPS Pro is corrupted. How can I download another copy to replace the failed copy on the server?

    Thanks.

     

    #14160

    AITpro Admin
    Keymaster

    You can download a new bulletproof-security.zip file from the Secure Download Area.  Use the BPS Pro Upload zip installer (NOT the WordPress upload zip installer) to install the BPS Pro zip file.  Click the BPS Pro Install / Backup menu link to get to the BPS Pro Upload zip installer page.  I don’t think it has to do with BPS Pro plugin files themselves.  It looks more like something you have installed on your site or something on the Server that is stripping out the query string:  admin.php?page= from the URL’s.  Are other plugin query strings being stripped?

    #14161

    Dennis
    Participant

    Gotta close up for the night. I’ll give it a go in the morning and let you know how it goes.

    To the best of my knowledge, there are no other instances where the query string is being stripped – but who knows. I may trip over similar problems tomorrow. Thanks again.

    #14163

    Dennis
    Participant

    I need a memory upgrade – forgot about the secure download area. All is well after re-installation. Thanks.

    #14164

    AITpro Admin
    Keymaster

    I did not think that would work, but cool that it did work.  Thanks for confirming everything is good now.  Thanks.

    #16343

    AITpro Admin
    Keymaster

    Email Question:

    Greetings –

    I just upgraded my sites to BSP 9.1, and got the following email from my host, A Small Orange (ASO). Any idea what they’re referring to in their malware report for BPS files?

    Email from Host:

    Hello,

    We wanted to let you know that Malware was found on your site, and the file in question was cleaned and returned to its original state, or quarantined if the malware infection was unable to be cleaned.

    The report of what was done is cut and pasted below:

    {HEX}gzbase64.inject.unclassed.18 : /home/xxxxx/public_html/xxxxx/wp-content/plugins/bulletproof-security/admin/tools/tools.php => /usr/local/maldetect/quarantine/tools.php.13661
    {HEX}gzbase64.inject.unclassed.15 : /home/xxxxx/public_html/xxxxx/wp-content/plugins/bulletproof-security/admin/tools/tools.php => /usr/local/maldetect/quarantine/tools.php.31419
    {HEX}gzbase64.inject.unclassed.18 : /home/xxxxx/public_html/xxxxx/wp-content/plugins/bulletproof-security/admin/tools/tools.php => /usr/local/maldetect/quarantine/tools.php.6422
    {HEX}gzbase64.inject.unclassed.15 : /home/xxxxx/public_html/xxxxx/wp-content/plugins/bulletproof-security/admin/tools/tools.php => /usr/local/maldetect/quarantine/tools.php.30759
    {HEX}gzbase64.inject.unclassed.18 : /home/xxxxx/public_html/xxxxx/wp-content/plugins/bulletproof-security/admin/tools/tools.php => /usr/local/maldetect/quarantine/tools.php.31140
    {HEX}gzbase64.inject.unclassed.15 : /home/xxxxx/public_html/xxxxx/wp-content/plugins/bulletproof-security/admin/tools/tools.php => /usr/local/maldetect/quarantine/tools.php.12013
    #16345

    AITpro Admin
    Keymaster

    The BPS Pro Pro-Tools tools.php file contains a Base64 Decoder/Encoder, which uses/contains standard PHP functions for Base64 encoding and decoding.  These standard php functions are also commonly used by hackers in hacking scripts so scanners may see this good/safe/legitimate code as bad/malicious code.  Check with your host and see if they can whitelist the tools.php file.  If they cannot whitelist it then you will not be able to use any of the BPS Pro Pro-Tools tools.

    http://forum.ait-pro.com/forums/topic/possible-infected-files-scanner-false-alarms/
    http://forum.ait-pro.com/forums/topic/host-asks-to-check-these-files/
    http://forum.ait-pro.com/forums/topic/my-website-was-hacked/

    Maldetect has 4 whitelisting options:

    https://github.com/waja/maldetect

    .: 8 [ IGNORE OPTIONS ]
    
    There are four ignore files available and they break down as follows:
    
    /usr/local/maldetect/ignore_paths
    A line spaced file for paths that are to be execluded from search results
    Sample ignore entry:
    /home/user/public_html/cgi-bin
    
    /usr/local/maldetect/ignore_file_ext
    A line spaced file for file extensions to be excluded from search results
    Sample ignore entry:
    .js
    .css
    
    /usr/local/maldetect/ignore_sigs
    A line spaced file for signatures that should be removed from file scanning
    Sample ignore entry:
    base64.inject.unclassed
    
    /usr/local/maldetect/ignore_inotify
    A line spaced file for regexp paths that are excluded from inotify monitoring
    Sample ignore entry:
    ^/home/user$
    ^/var/tmp/#sql_.*\.MYD$
Viewing 15 posts - 1 through 15 (of 15 total)

You must be logged in to reply to this topic.