Topic: Whois Plugin blocked by BulletProof Security, 404 Not Found Error | BulletProof Security Forum

Whois Plugin blocked by BulletProof Security, 404 Not Found Error

Tagged: Whois plugin, whois plugin 404, Whois Plugin blocked

This topic has 4 replies, 2 voices, and was last updated 11 years ago by AITpro Admin.

Viewing 5 posts - 1 through 5 (of 5 total)

Author

Posts
November 21, 2012 at 8:02 am #429
AITpro Admin
Keymaster
Email Question:

Hi Ed,

I have a question about a plugin that I am using which could be partial blocked by .htaccess.I got this feedback from the plugin developer:The Ajax call to order the TLDs show a 404 Not Found.It could be permissions on that file, a .htaccess or Apache mod_securityThis is the URL:
```
example.com/subfolder/wp-admin/admin-ajax.php?action=wpwhoisordertlds&item[]=com&item[]=cl&item[]=se&item[]=net&item[]=org&item[]=info&item[]=biz&item[]....
```
The mod_security is not installed on the VPS and file chmod is set to 644.The plugin is called WHOIS. I cannot get the ordering of the TLD’s saved.

Answer:
The square brackets in the Query String are definitely going to be blocked and possibly the call to the admin-ajax.php file too. Modify these security filters below in your Root .htaccess file and remove the square brackets from these security filters. If this does not take care of the issue then see the admin-ajax.php skip/bypass rule “fix” below.
```
Before modificationRewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|%3c|%3e|%5b|%5d).* [NC,OR]RewriteCond %{QUERY_STRING} ^.*(\0|\x04|\x08|\r|\x1b|\x20|\x3c|\x3e|\x5b|\x5d|\x7f).* [NC,OR]
After modificationRewriteCond %{QUERY_STRING} ^.*(\(|\)|<|>|%3c|%3e).* [NC,OR]RewriteCond %{QUERY_STRING} ^.*(\0|\x04|\x08|\r|\x1b|\x20|\x3c|\x3e|\x7f).* [NC,OR]
```
admin-ajax.php skip/bypass rule
1. Add the admin-ajax.php skip/bypass rule below to this wp-admin Custom Code text box: CUSTOM CODE WPADMIN PLUGIN/FILE SKIP RULES
2. Click the Save wp-admin Custom Code button.
3. Go to the Security Modes page and Activate wp-admin Folder BulletProof Mode.

Note: The skip rule must be [S=2] because it will be written to your wp-admin .htaccess file above skip / bypass rule [S=1]. If you have other wp-admin skip/bypass rules already then either combine them or add this skip/bypass rule separately above the other rules and change the skip #. Example: If you already have skip #’s 2 and 3 then this rule would be skip rule #4.
```
# admin-ajax.php skip/bypass rule
RewriteCond %{REQUEST_URI} (admin-ajax\.php) [NC]
RewriteRule . - [S=2]
```
November 21, 2012 at 8:59 am #437
Jan
Participant

Hi Ed,
The bypass rule did it for me! Thanks again for your swift solution 😀
November 21, 2012 at 9:13 am #438
AITpro Admin
Keymaster

Hi Jan,

Did you need to modify the square brackets filters in your Root .htaccess file too or did just adding the admin-ajax.php skip / bypass rule in your wp-admin .htaccess do the trick?

Thanks.
November 21, 2012 at 9:17 am #440
Jan
Participant

Hi Ed,
I tried the first adjustment but I did not have any effect. So I set it back and then tried the bypass rule which worked.
November 21, 2012 at 9:22 am #441
AITpro Admin
Keymaster

Ok perfect thanks. 😉 I will add this “fix” to the plugins compatibility, testing and “fixes” page.
Author

Posts

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.