WordPress Firewall has detected and blocked a potential attack

Home Forums BulletProof Security Pro WordPress Firewall has detected and blocked a potential attack

This topic contains 0 replies, has 1 voice, and was last updated by  AITpro Admin 5 years, 4 months ago.

Viewing 1 post (of 1 total)
  • Author
  • #137

    AITpro Admin

    UPDATE: BPS Pro 13.3+ and BPS free 2.4+ versions have a malware scanner > BPS MScan Malware Scanner
    You can use the BPS MScan Malware Scanner to detect hacker files or code anywhere under your Hosting Account or database.

    Email Question:

    The Firewall plugin is seeing BulletProof Security Pro pages as a threat or potential attack.  Is there bad code in BPS?

    WordPress Firewall has detected and blocked a potential attack!Web Page: /wp-admin/admin.php?page=bulletproof-security/admin/options.phpWarning: URL may contain dangerous content!


    The Firewall plugin looks for general coding patterns like all scanners do and cannot really tell the difference between good code/safe code and bad code/malicious code with 100% accuracy.  All scanners have this same limitation/margin of error.  The Firewall plugin displays these options shown below the warning alert so you will just need to tell Firewall to whitelist the BPS Pro pages if you see these types of warnings.  The important thing to keep in mind is that these Firewall alerts are warning alerts of “possible” bad code/malicious code and are not telling you that these alerts have actually found real bad code/malicious code.  You can see from the alert text below from Firewall that words “may be” and “false alarm” are used to describe the alert.

    This may be a “Directory Traversal Attack.”

    Click here for more information on this type of attack.

    If you suspect this may be a false alarm because of something you recently did, try to confirm by repeating those actions. If so, whitelist it via the “whitelist this variable” link below. This will prevent future false alarms.

    Click here to whitelist this variable.Click here to turn off these emails. Repeated warnings for similar attacks are currently sent via email, click here to suppress them.

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.