wget and cron jobs

[protection]

Hello –

I’m trying to run a cron job via wget, and noticed that BPS blocks it. I see that you have a solution here:

https://forum.ait-pro.com/forums/topic/wordpress-newsletter-plugin-wget-cron-blocked-by-bps/#post-2891

My question is, is that solution up-to-date? It was written 7 yrs ago.

Thanks

[AITpro Admin]

These days the Setup Wizard has the newer Setup Wizard AutoFix feature.  So if you followed the steps in the forum topic, which I need to update, then instead of doing step 3:  3. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button, you would go to the BPS Setup Wizard page and run the Pre-Installation Wizard and Setup Wizard.

Or you can edit the BPS Query String Exploits code in Custom Code and edit these 2 security rules. Delete wget from both security rules and do steps 2 and 3 > 2. Click the Save Root Custom Code button. 3. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.

RewriteCond %{HTTP_USER_AGENT} (havij|libwww-perl|wget|python|nikto|curl|scan|java|winhttp|clshttp|loader) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|\)|\(|%0A|%0D|%22|%27|%28|%3C|%3E|%00).*(libwww-perl|wget|python|nikto|curl|scan|java|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR]

[protection]

Thank you! I had custom code already placed in CUSTOM CODE BPSQSE BPS QUERY STRING EXPLOITS, so what I ended up doing is just removing ‘|wget’ from the two placed it was specified. It seems to be working fine now.

Now that I’ve removed ‘wget‘ from that section, do you think this will pose a security risk?

[AITpro Admin]

Removing wget is safe to do.  Those particular security rules are actually nuisance rules to block Bots or humans from scanning, mining, harvesting, etc. your site.

[protection]

Perfect, thanks again. We can close this out.

[Author]

Posts