Monarch plugin – 403 error

Home Forums BulletProof Security Pro Monarch plugin – 403 error

Tagged: 

This topic contains 4 replies, has 2 voices, and was last updated by  Rami M 6 months, 4 weeks ago.

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #37356

    Rami M
    Participant

    Hi,

    I have Monarch from Elegant Themes installed and not sure which bonus custom code is blocking this and how to white-list it.

    Many thanks,

    Rami

    HTTP_REFERER: https://.../?et_pb_preview=true&et_pb_preview_nonce=5995afcf49&iframe_id=et-fb-preview-1558159350805-953
    REQUEST_URI: /?et_pb_preview=true&et_pb_preview_nonce=5995afcf49&iframe_id=et-fb-preview-1558159350805-953
    QUERY_STRING: et_pb_preview=true&et_pb_preview_nonce=5995afcf49&iframe_id=et-fb-preview-1558159350805-953
    HTTP_USER_AGENT: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36
    REQUEST BODY: et_pb_preview_nonce=5995afcf49&is_fb_preview=true&shortcode=%5Bet_social_follow+icon_style%3D%22flip%22+icon_shape%3D%22rectangle%22+icons_location%3D%22top%22+col_number%3D%225%22+spacing%3D%22true%22+outer_color%3D%22dark%22+network_names%3D%22true%22%5D
    #37357

    AITpro Admin
    Keymaster

    I need to see the BPS Security Log entry for what is being blocked.  Go to the BPS Security Log page and copy and paste the Monarch plugin Security Log entry.

    #37358

    Rami M
    Participant

    Thanks for your help. Here is the entry I see mentioning ET Monarch:

    [403 POST Request: May 18, 2019 5:55 am]
    BPS Pro: 13.9
    WP: 5.2
    Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
    Solution: N/A - Hacker/Spammer Blocked/Forbidden
    REMOTE_ADDR: 178....
    Host Name: 178...
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: POST
    HTTP_REFERER: https://.../?et_pb_preview=true&et_pb_preview_nonce=5995afcf49&iframe_id=et-fb-preview-1558158956701-774
    REQUEST_URI: /?et_pb_preview=true&et_pb_preview_nonce=5995afcf49&iframe_id=et-fb-preview-1558158956701-774
    QUERY_STRING: et_pb_preview=true&et_pb_preview_nonce=5995afcf49&iframe_id=et-fb-preview-1558158956701-774
    HTTP_USER_AGENT: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36
    REQUEST BODY: et_pb_preview_nonce=5995afcf49&is_fb_preview=true&shortcode=%5Bet_social_follow+icon_style%3D%22flip%22+icon_shape%3D%22rectangle%22+icons_location%3D%22top%22+col_number%3D%225%22+spacing%3D%22true%22+outer_color%3D%22dark%22+network_names%3D%22true%22%5D
    #37359

    AITpro Admin
    Keymaster

    The Request is a POST Request.  So the POST Attack Protection Bonus Custom Code you added and modified is causing the 403 error.  You will need to add the whitelist rule below to your POST Attack Protection Bonus Custom Code and move the code to BPS Root Custom Code text box: 8. CUSTOM CODE WP REWRITE LOOP START.

    The additional whitelist rule for the Monarch plugin:

    # Whitelist Monarch Plugin POST Requests by Query String
    RewriteCond %{QUERY_STRING} !^et_pb_preview(.*) [NC]

    1. Move (cut and paste) your existing POST Request Protection code from this BPS Root Custom Code text box: 14. CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE into this BPS Root Custom Code text box: 8. CUSTOM CODE WP REWRITE LOOP START.
    2. Edit your POST Request Protection code and add the Monarch Plugin POST Requests by Query String whitelist rule shown above into your POST Request Protection code.
    3. Go to the htaccess File Editor tab page > Your Current Root htaccess File tab > scroll down in your root htaccess file code until you see the WP REWRITE LOOP START code. It will look similar to this example code directly below. Do not use this code below since your WP REWRITE LOOP START code may be different.

    # WP REWRITE LOOP START
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]

    4. Copy your WP REWRITE LOOP START code and paste it above your POST Request Protection code in the Root Custom Code text box: 8. CUSTOM CODE WP REWRITE LOOP START.
    5.
     Click the Save Root Custom Code button.
    6. Go to the Security Modes tab page and click the Root folder BulletProof Mode Activate button.

    #37360

    Rami M
    Participant

    It worked. Many thanks!

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.