Whitelist Url and file

Home Forums BulletProof Security Pro Whitelist Url and file

Viewing 10 posts - 1 through 10 (of 10 total)
  • Author
    Posts
  • January 13, 2024 at 2:02 am #43409
    Ian
    Participant

    Hi,

    Can anyone advise me the easiest way to whitelist the following files and urls being blocked by a 403 forbidden by Bulletproof please?

    https://www..com/wp-content/uploads/complianz/cmp/vendorlist/vendor-list.json

https://www..com/wp-content/uploads/complianz/cmp/vendorlist/vendor-list.json

    Many thanks in advance

    January 13, 2024 at 4:49 am #43410
    AITpro Admin
    Keymaster

    I assume json files are being blocked in your WordPress /uploads folder by BPS Pro UAEG.

    To edit/customize your Uploads Anti-Exploit Guard (UAEG) .htaccess file go to the B-Core > htaccess File Editor tab page > “Your Current Uploads htaccess File” tab and do the steps below.
    1. Copy and paste your entire Uploads .htaccess file code from the “Your Current Uploads htaccess File” tab on the htaccess File Editor page into the CUSTOM CODE UAEG text box on the BPS Custom Code tab page.
    2. Edit/modify/customize your UAEG htaccess code in the CUSTOM CODE UAEG text box on the BPS Custom Code tab page.
    3. Click the Save UAEG Custom Code button to save your UAEG custom code.
    4. Go to the Security Modes page and click the UAEG BulletProof Mode Activate button.

    The edit that you will be making to your UAEG htaccess code will be removing:  |json from this line of htaccess code as shown below. Note: your htaccess code may look different depending on your server type, but you are simply removing the json file type from your htaccess code.

    <FilesMatch "\.(7z|as|bat|bin|cgi|chm|chml|class|cmd|com|command|dat|db|db2|db3|dba|dll|DS_Store|exe|gz|hta|htaccess|htc|htm|html|htx|ico|idc|ini|ins|isp|jar|jav|java|jse|jsfl|jsp|jsx|lib|lnk|out|php|phps|php5|php4|php3|phtml|phpt|pl|py|pyd|pyc|pyo|rar|shtm|shtml|sql|swf|sys|tar|taz|tgz|tpl|vb|vbe|vbs|war|ws|wsf|xhtml|xml)$">
    January 14, 2024 at 2:17 am #43411
    Ian
    Participant

    Thank you for your help.

    It worked perfectly.

    January 15, 2024 at 2:55 am #43415
    Ian
    Participant

    Hi,

    We are fairly confident we have narrowed the issues we are still having to the wp-admin Folder BulletProof Mode (WBM)

    When we disable that, the plugin banner and TCF files appear to be working fine, although we are still at this point not getting any adsense adds to appear.

    However we did not add any custom code to that .htaccess file so are stuck now as there is nothing new to look for?

    Thanks,

    January 15, 2024 at 5:17 am #43416
    AITpro Admin
    Keymaster

    Go to the BPS Security Log page, copy your most recent Security Log entries and post them in your forum reply so I can see what is being blocked.

    January 15, 2024 at 5:33 am #43418
    Ian
    Participant

    Hi,

    When I try posting them and clicking save, they are not appearing in this topic.

    Can I email them to you?

    Thanks

    January 15, 2024 at 5:43 am #43419
    Ian
    Participant

    Hi,

    Plugin author has just confirmed  “The plugin doesn’t add anything to the .htaccess file”

    We currently have re-enabled wp-admin Folder BulletProof Mode (WBM) and weirdly things appear to be working in that TCF lists and banners are appearing ok.

    However something is still causing zero adsense adverts to appear.

    January 15, 2024 at 6:42 am #43421
    AITpro Admin
    Keymaster

    Could be some sort of caching issue.  If you are using a caching plugin then clear/delete all cache and also clear/delete your browser cache.  js minification used in caching plugins is known to cause all sorts of problems.  If you have enabled js minification in a caching plugin then turn that off.  Could also be a configuration problem with your adsense plugin. Will check your website for any obvious clues.

    January 15, 2024 at 6:52 am #43422
    Ian
    Participant

    Hi,

    Thanks for getting back to me.

    We do not have any cache plugins or server side cache or load balancing enabled.

    These have been disabled now for over over 24 hours.

    January 15, 2024 at 7:26 am #43423
    AITpro Admin
    Keymaster

    I checked your site and it looks like you have the Jetpack plugin installed and are using the Jetpack Site Accelerator to create a CDN.  I don’t see anything in your BPS Security Log entries that indicates BPS is blocking anything in your Google Site Kit plugin.  At this point it appears this is a configuration problem with Google Ads and not something that is being blocked.  You should double check all of your Google Adsense configuration stuff and also use any built in Google Adsense diagnostic tools to ensure your site is configured correctly for Google Adsense.  See this Google Site Kit help forum topic for how to check your account > https://wordpress.org/support/topic/your-account-isnt-ready-to-show-ads-yet-need-help/

  • Author
    Posts
Viewing 10 posts - 1 through 10 (of 10 total)
  • You must be logged in to reply to this topic.