Home › Forums › BulletProof Security Pro › Whitelist rules are not valid
Tagged: invalid, not valid, Plugin Firewall, Whitelist Rules
- This topic has 28 replies, 4 voices, and was last updated 10 years, 1 month ago by
AITpro Admin.
-
AuthorPosts
-
growitsolutions
ParticipantIs this what you need:
Website Root URL: http://www.southwalesgirlsgolf.com Document Root Path: /home/linweb36/s/southwalesgirlsgolf.com-1081180436/user/htdocs WP ABSPATH: /home/linweb36/s/southwalesgirlsgolf.com-1081180436/user/htdocs/ Parent Directory: /home/linweb36/s/southwalesgirlsgolf.com-1081180436/user Server|Website IP Address: 127.0.0.1 Host by Address: linweb36.linvh1.fasthosts.co.uk DNS Name Server: ns2.livedns.co.uk Proxy X-Forwarded-For IP Address: 213.106.136.11 Server Type: Apache Operating System: Linux WP Filesystem API Method: direct Server API: cgi-fcgi CGI Host Server Type cURL: cURL Extension is Loaded Zend Engine Version: 2.4.0 Zend Guard|Optimizer: Zend Guard Loader Extension is Loaded ionCube Loader: ionCube Loader Extension is Loaded Version: 40202 Suhosin: Suhosin is Not Installed|Loaded APC: APC Extension is Not Loaded eAccelerator: eAccelerator Extension is Not Loaded XCache: XCache Extension is Loaded but Not Enabled Varnish: Varnish Extension is Not Loaded Memcache: Memcache Extension is Not Loaded Memcached: Memcached Extension is Not Loaded
AITpro Admin
KeymasterEverything looks good so at this point I will need to login to this website to solve whatever problem is occurring. Create a temporary WordPress Administrator login and send it to edward at ait-pro dot com.
growitsolutions
ParticipantAll done
AITpro Admin
KeymasterI have received that login information and will be logging in now. Please do not change any BPS Pro settings while I am logged in. Once I have fixed whatever is going on then I will log out and let you know I am logged out. Thanks.
growitsolutions
ParticipantThank you
AITpro Admin
KeymasterI am logged out of the site now.
The original Plugin Firewall problem was corrected by you doing the steps that I posted above. I checked the Security Log and see that AutoPilot Mode did automatically fix the previous problem. I tested the Plugin Firewall with a Proxy and it is functioning normally.
Now you have these other major problems below with this website that you need to contact your host to fix.
The site is performing very poorly due to both of these things below:
The memory limit needs to be increased from 64M to at least 128M.
PHP Actual Configuration Memory Limit: 64M Recommendation: Increase Memory Limit to 128M.WordPress websites do not perform well when output buffering is On. Turn output buffering Off.
PHP Output Buffering: 4096Additional issue:
You have the Broken Link Checker plugin installed. The Broken Link Checker plugin should not be left activated/on all the time. It uses quite a lot of server resources and memory. Only turn it on when you want to occaisonally check for broken links on this site or you need to configure the advanced settings in this plugin if you want to leave it on/activated all the time.Very Important: If you are still seeing WP Dashboard issues/problems after increasing the memory limit and turning output buffering off then the problem is going to be with your Browser or something you have installed on your computer. If you are using a Proxy (either an online Proxy/VPN or a Proxy/VPN that you have installed in your Browser or computer) when logging into a website then that will usually cause the problems you have described.
growitsolutions
ParticipantReally sorry but now I’m getting:
[403 GET / HEAD Request: February 21, 2015 8:16 pm] Event Code: PFWR-PSBR-HPR Solution: http://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 31.98.23.119 Host Name: 31.98.23.119 SERVER_PROTOCOL: HTTP/1.0 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 31.98.23.119 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http://www.southwalesgirlsgolf.com/ REQUEST_URI: /wp-content/plugins/thinkup-panels/inc/plugins/waypoints/waypoints.min.js?ver=2.0.3 QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (iPhone; CPU iPhone OS 8_1_3 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12B466 Safari/600.1.4
AITpro Admin
KeymasterIs the plugin working? Is this an older Security log entry? It may just be that the Plugin Firewall should not be used on this particular site. When I checked the site everything appeared to be working correctly in general. What does that plugin do? Where would you check to see if it is working?
AITpro Admin
KeymasterOf course this also might not have anything to do with the Plugin Firewall either. I think at this point you need to do the standard BPS Pro troubleshooting steps here: http://forum.ait-pro.com/forums/topic/read-me-first-pro/#bps-pro-general-troubleshooting and then let me know exactly which BPS Pro security feature is blocking which thing. At this point the assumption has been made that this is being blocked by the Plugin Firewall. Not sure if you already tested or confirmed that already by doing the BPS Pro troubleshooting steps, but things could require a plugin skip/bypass rule or something else. By doing the BPS Pro troubleshooting steps you can isolate which thing is causing what.
If you would like for me to do that then I need to know specifically what is not working. Ie a link to what is not working. The name of the plugin that is not working. And a specific description of what is not working.
growitsolutions
ParticipantHi, I’ve tested from a few devices and it now seems to be working!- so that’s great. Tomorrow I will carry out final checks and let you know. Really appreciate all your help – Thank you.
AITpro Admin
KeymasterGreat! BUT take care of the memory limit and output buffer problems ASAP. It is very possible that the output buffer being on is causing intermittent problems and it could even be breaking/preventing BPS Pro from doing what it does intermittently, including whitelisting things.
AITpro Admin
KeymasterJust some additional info on output buffering and WordPress. It is perfectly fine to do output buffering on specific pages using
ob_start();
code in WordPress (plugin, theme or other pages), BUT using the php.ini directive output_buffering = 4096 in a php.ini file is a known problem for WordPress websites.Performance WP Specific: Allow or Disallow output buffering. Output buffering is a mechanism for controlling how much output data (excluding headers and cookies) PHP should keep internally before pushing that data to the client. Output buffering does not work well on WordPress sites and causes slower performance. For other types of sites that are NOT WordPress the recommended output buffering setting is: output_buffering = 4096. The ouput buffering setting for WordPress should be: output_buffering = 0 or output_buffering = Off.
growitsolutions
ParticipantThat’s great – thanks for the info – now just got to get the hosting company to comply 🙂
Now you have made these changes, is there an easy way to save them for future?Regards
AITpro Admin
KeymasterYou already solved the problem by doing the steps I posted. When I logged into your site the problem had already been fixed and I just tested things and confirmed that everything was fixed. All BPS Pro settings are stored in your Database so they are already saved. If you do a Database backup then you will have a backup of those saved settings.
-
AuthorPosts
- You must be logged in to reply to this topic.