SublimeVideo – HTML5 Video Player 403 error

Home Forums BulletProof Security Pro SublimeVideo – HTML5 Video Player 403 error

This topic contains 11 replies, has 2 voices, and was last updated by  AITpro Admin 5 years, 8 months ago.

Viewing 12 posts - 1 through 12 (of 12 total)
  • Author
    Posts
  • #12837

    Andre
    Participant

    Hi,

    I got a security log like this:

    >>>>>>>>>>> 403 GET or HEAD Request Error Logged - January 31, 2014 - 2:25 am <<<<<<<<<<<
    REMOTE_ADDR: 1.2.3.4
    Host Name: fantasy
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER: http://domain.de/wp-admin/post.php?post=287&action=edit
    REQUEST_URI: /wp-content/plugins/sublimevideo-official/tinymce/sv-insert.php?%27webkitAllowFullScreen=%271
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.102 Safari/537.36

    So I went and excluded sublimevideo-official/tinymce in autorestore in precaution and then went to firewall whitelist and added:

    /sublimevideo-official/tinymce/sv-insert.php

    But I still cannot use the insert button on the WP editor to insert a file from sublimevideos service… I get this: domain.de 403 Forbidden Error Page. If you arrived here due to a search or clicking on a link click your Browser’s back button to return to the previous page. Thank you.

    Can You help please?
    Cheers.
    Andre

    #12839

    AITpro Admin
    Keymaster

    The Query String contains url encoded single quote code characters:

    %27 - %27webkitAllowFullScreen=%27

    See this Forum Topic link for the solution:  http://forum.ait-pro.com/forums/topic/apostrophe-single-quote-code-character/#post-6939

    You may need both a Plugin Firewall whitelist rule and the single quote solution above or you may just need the single quote solution above.

    Do BPS Pro General Troubleshooting step 3 or just remove the Plugin Firewall whitelist rule and see what happens after doing the single quote code character solution.

    3. On the Security Modes page, click the Plugin Firewall BulletProof Mode Deactivate button.

    BPS Pro Troubleshooting steps
    http://forum.ait-pro.com/forums/topic/read-me-first-pro/#bps-pro-general-troubleshooting

    #12842

    AITpro Admin
    Keymaster

    Or maybe this is a coding mistake/code typo that needs to be fixed in this plugin.  Post a new thread in this plugin’s WordPress.org plugin support page.

    File:  class-sublimevideo-actions.php – Code Line:  24

    $iframe_src = SUBLIMEVIDEO_PLUGIN_URL."tinymce/sv-insert.php?' webkitAllowFullScreen='1TB_iframe=1";
    
    Code fix after removing the single quote code characters
    $iframe_src = SUBLIMEVIDEO_PLUGIN_URL."tinymce/sv-insert.php?webkitAllowFullScreen=1TB_iframe=1";
    #12843

    Andre
    Participant

    You hack man.

    The code fix made the trick and I posted already….

    There were others already showing up they had that problem, but they from sublime were kind of ignoring it… But I am save now, thanks to You… Thousand thumbs up (wherever I will take them from….hahaha)

    #12845

    AITpro Admin
    Keymaster

    Yes, it looked like an accident/typo in the code of that plugin.  If you look at the next 2 lines of code you will see single quotes used in attributes/parameters correctly so logically it just looked like single quotes were added by mistake in that line of code.

    #12846

    Andre
    Participant

    Lets see what they will respond here: https://getsatisfaction.com/sublimevideo/topics/wordpress_plug_in_error-b7kgl

     

    Now also no security logs anymore whne adding. But all the way of the last two days I played a LITTLEBIT with sublime, it seems to be really a great solution for adding selfhosted videos…

    #12899

    Andre
    Participant

    Hi,

    I see this security log also in connection with the sublimevideo plugin. It just happened after I only visited the post and updated it.

    >>>>>>>>>>> 403 GET or HEAD Request Error Logged - February 4, 2014 - 21:16 <<<<<<<<<<<
    REMOTE_ADDR: 23.20.19.240
    Host Name: ec2-23-20-19-240.compute-1.amazonaws.com
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER:
    REQUEST_URI: /wp-content/uploads/2014/02/movie1.mp4
    QUERY_STRING:
    HTTP_USER_AGENT: Ruby

    Do I get problems with this in terms of function?

    #12902

    AITpro Admin
    Keymaster

    UAEG does not block the .mp4 file extension.  Can you access the file directly in your Browser by going to the full URL to this mp4 file?

    #12903

    Andre
    Participant

    I can see the player and I have no problems NOW, but my question is about your experiences, if these kind of security logs might be a sign for future problems…

    I could only show you over email and logged in, cause it is an adult site.

    #12905

    AITpro Admin
    Keymaster

    The Security Log and log entries are static.  If a log entry/error is logged yesterday and the problem was fixed yesterday then the log entry will have yesterdays date.  If something is logged today that is not a blocked hacker, spammer, probe, recon, scrape, harvest……………………………. then you would look at what to do about it today/now.

    #12906

    Andre
    Participant

    So, yes, it was just logged, I simply opened the post , saved gallery which was not a change in the sublimevideo code or any, not relevant on the surface. But the log entry was made. And yes, I can enter the video as it should be from sublime. I can also enter and play the video over media manager, where the standard WP player is used, which should be http://mediaelementjs.com/ EDIT: But it doesnt happen all the time on saving…. just irregular.

    #12910

    AITpro Admin
    Keymaster

    What is strange about the log entry you posted is it looks like a standard amazon bot crawl.  Or maybe the script is doing something else that calls the amazon bot?  Maybe a HEAD Request or something to check the file?  What can happen is a script may be doing several different things and 1 of those things triggers a 403 error, but everything works and functions normally.  As long as everything works and is displaying correctly then these types of 403 log entries can be ignored.

    Typically when something happens intermittently then the things to look at are cache and connectivity things.  If BPS is blocking something then that would not be blocked intermittently – it would be blocked permanently.

    Also just because BPS is logging a 403 or other type of error does not necessarily mean that BPS caused the error.  BPS takes control of all HTTP status logging/handling using the ErrorDocument .htaccess directive, which is just a redirect to the logging template.

Viewing 12 posts - 1 through 12 (of 12 total)

You must be logged in to reply to this topic.