Monarch plugin – 403 error

Home Forums BulletProof Security Pro Monarch plugin – 403 error

Tagged: 

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • May 18, 2019 at 10:07 am #37356
    Rami M
    Participant

    Hi,

    I have Monarch from Elegant Themes installed and not sure which bonus custom code is blocking this and how to white-list it.

    Many thanks,

    Rami

    HTTP_REFERER: https://.../?et_pb_preview=true&et_pb_preview_nonce=5995afcf49&iframe_id=et-fb-preview-1558159350805-953
REQUEST_URI: /?et_pb_preview=true&et_pb_preview_nonce=5995afcf49&iframe_id=et-fb-preview-1558159350805-953
QUERY_STRING: et_pb_preview=true&et_pb_preview_nonce=5995afcf49&iframe_id=et-fb-preview-1558159350805-953
HTTP_USER_AGENT: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36
REQUEST BODY: et_pb_preview_nonce=5995afcf49&is_fb_preview=true&shortcode=%5Bet_social_follow+icon_style%3D%22flip%22+icon_shape%3D%22rectangle%22+icons_location%3D%22top%22+col_number%3D%225%22+spacing%3D%22true%22+outer_color%3D%22dark%22+network_names%3D%22true%22%5D
    May 18, 2019 at 10:38 am #37357
    AITpro Admin
    Keymaster

    I need to see the BPS Security Log entry for what is being blocked.  Go to the BPS Security Log page and copy and paste the Monarch plugin Security Log entry.

    May 18, 2019 at 11:18 am #37358
    Rami M
    Participant

    Thanks for your help. Here is the entry I see mentioning ET Monarch:

    [403 POST Request: May 18, 2019 5:55 am]
BPS Pro: 13.9
WP: 5.2
Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
Solution: N/A - Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 178....
Host Name: 178...
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: POST
HTTP_REFERER: https://.../?et_pb_preview=true&et_pb_preview_nonce=5995afcf49&iframe_id=et-fb-preview-1558158956701-774
REQUEST_URI: /?et_pb_preview=true&et_pb_preview_nonce=5995afcf49&iframe_id=et-fb-preview-1558158956701-774
QUERY_STRING: et_pb_preview=true&et_pb_preview_nonce=5995afcf49&iframe_id=et-fb-preview-1558158956701-774
HTTP_USER_AGENT: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36
REQUEST BODY: et_pb_preview_nonce=5995afcf49&is_fb_preview=true&shortcode=%5Bet_social_follow+icon_style%3D%22flip%22+icon_shape%3D%22rectangle%22+icons_location%3D%22top%22+col_number%3D%225%22+spacing%3D%22true%22+outer_color%3D%22dark%22+network_names%3D%22true%22%5D
    May 18, 2019 at 11:29 am #37359
    AITpro Admin
    Keymaster

    The Request is a POST Request.  So the POST Attack Protection Bonus Custom Code you added and modified is causing the 403 error.  You will need to add the whitelist rule below to your POST Attack Protection Bonus Custom Code and move the code to BPS Root Custom Code text box: 8. CUSTOM CODE WP REWRITE LOOP START.

    The additional whitelist rule for the Monarch plugin:

    # Whitelist Monarch Plugin POST Requests by Query String
RewriteCond %{QUERY_STRING} !^et_pb_preview(.*) [NC]

    1. Move (cut and paste) your existing POST Request Protection code from this BPS Root Custom Code text box: 14. CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE into this BPS Root Custom Code text box: 8. CUSTOM CODE WP REWRITE LOOP START.
    2. Edit your POST Request Protection code and add the Monarch Plugin POST Requests by Query String whitelist rule shown above into your POST Request Protection code.
    3. Go to the htaccess File Editor tab page > Your Current Root htaccess File tab > scroll down in your root htaccess file code until you see the WP REWRITE LOOP START code. It will look similar to this example code directly below. Do not use this code below since your WP REWRITE LOOP START code may be different.

    # WP REWRITE LOOP START
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]

    Note: If you have an HTTPS/SSL website then use the BPS HTTPS/SSL Rewrite htaccess code below > https://forum.ait-pro.com/forums/topic/wordpress-ssl-htaccess-code-rewrite-ssl-rewritecond-server_port/#post-7233

    # WP REWRITE LOOP START
RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} !=on
RewriteCond %{SERVER_PORT} ^80
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteRule ^index\.php$ - [L]

    4. Copy your WP REWRITE LOOP START code or HTTPS/SSL Rewrite code and paste it above your POST Request Protection code in the Root Custom Code text box: 8. CUSTOM CODE WP REWRITE LOOP START.
    5.     Click the Save Root Custom Code button.
    6. Go to the Security Modes tab page and click the Root folder BulletProof Mode Activate button.

    May 19, 2019 at 5:11 am #37360
    Rami M
    Participant

    It worked. Many thanks!

  • Author
    Posts
Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.