Home › Forums › BulletProof Security Pro › WordPress Social Login – 403 error, unable to login
Tagged: 403 error, unable to login, WordPress Social Login
- This topic has 45 replies, 4 voices, and was last updated 6 years, 1 month ago by AITpro Admin.
-
AuthorPosts
-
AWParticipant
Hello @ait,
After few days tweaks and try on 2 different website. I really could not find out the issue.
- Plugins Disable : Autoptimize ( there’s no minify js or css ) [ I did a compile of css to one manually ]
- Default wp-cron : Disable ( use linux cron – as i have a feeder plugin that need to activate every 15-20 mins )
Method I tried >
- Default wp-cron activated
- Cron job disable
- Feeder plugin disable
- >> Activated Plugin Test Mode
- >> Try all pages, try login via social network on Laptop ( fail ) and then Cellphone ( fail )
- >> wait couple hours, back to the pc….Clear cache on wp, clear cache on mozilla > try to login via social(fail)
IF i disable Plugin Firewall, the WordPress Social Login works on laptop and cellphone.
Please guide, there must be something i miss in BPS.
As mentioned above, i tested on 2 website:-
1. maincuisine.com ( does not work ) > I completely off it so the wordpress social network could be use
2. ladpress.com ( working, even though PFW AutoPilot is Off ) >FYI, i tried all the method as advise, but still could not find out the issue. Even removed the css/js minfy thingy(autoptimize)
If will be great if you could have a look at the settings on maincuisine.com
Please advise, so i could send you ID and psw to test. ( however, Default cron is disable )Thanks.
Regards,
AlexUpdate,
Both website could not work, need to disable Plugin Firewall in order to be able to use the WordPress Social Login.AITpro AdminKeymasterSend a WordPress Administrator login to this website to: info at ait-pro dot com.
AWParticipantHello,
Thanks man, just email to you.Regards,
AlexAITpro AdminKeymaster@ AW –
Problem: unable to connect/login via Social Login buttons.
Solution: See Plugin Firewall/CloudFlare Manual IP address whitelisting steps below performed in the Plugin Firewall > Whitelist by Hostname (domain name) and IP Address tool text box & the htaccess File Editor > Your Current Plugins htaccess File.There was a very interesting and odd set of problems occurring on this site:
since WP Standard Cron jobs are disabled then that contributes to the problems, but if you do everything manually then you can use the Plugin Firewall and things will still work normally.CloudFlare is enabled on this site, but not on the site itself with the CloudFlare plugin. I assume CloudFlare is enabled in DNS or the host server. Manual Steps required to get the Plugin Firewall working:
Created these IP address manually in the Plugin Firewall > Whitelist by Hostname (domain name) and IP Address tool text box:
Note: You will need to manually add your current IP address in this text box as well. If your IP address changes regularly then use this IP address format:xxx.xxx.[0-9]{1,3}.[0-9]{1,3}
You will also need to edit your Plugin Firewall htaccess file using the htaccess File Editor and add your IP address manually where you see this in your current plugins htaccess file: # Add your current IP address manually below and replace the 127.0.0.1 IP Address.108.213.94.121, 172.69.[0-9]{1,3}.[0-9]{1,3}, 103.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 104.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 108.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 131.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 141.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 162.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 172.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 173.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 188.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 190.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 197.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 198.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 2400:cb00[:\\d\\w]+, 2405:8100[:\\d\\w]+, 2405:b500[:\\d\\w]+, 2606:4700[:\\d\\w]+, 2803:f800[:\\d\\w]+, 2c0f:f248[:\\d\\w]+, 2a06:98c0[:\\d\\w]+
Manually created this code in your Plugin Firewall htaccess file using the htaccess File Editor > Your Current Plugins htaccess File:
# BEGIN ADDITIONAL ALLOW FROM RULES # Add your current IP address manually below and replace the 127.0.0.1 IP Address. RewriteCond %{REMOTE_ADDR} !^127.0.0.1$ # My AITpro Static IP address RewriteCond %{REMOTE_ADDR} !^108.213.94.121$ # CloudFlare IPv4 and IPv6 Addresses RewriteCond %{REMOTE_ADDR} !^103.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^104.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^108.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^131.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^141.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^162.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^172.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^173.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^188.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^190.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^197.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^198.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^2400:cb00[:\d\w]+$ RewriteCond %{REMOTE_ADDR} !^2405:8100[:\d\w]+$ RewriteCond %{REMOTE_ADDR} !^2405:b500[:\d\w]+$ RewriteCond %{REMOTE_ADDR} !^2606:4700[:\d\w]+$ RewriteCond %{REMOTE_ADDR} !^2803:f800[:\d\w]+$ RewriteCond %{REMOTE_ADDR} !^2c0f:f248[:\d\w]+$ RewriteCond %{REMOTE_ADDR} !^2a06:98c0[:\d\w]+$ # END ADDITIONAL ALLOW FROM RULES
## Other issues/problems:
Problem: Root htaccess rewrite www to non-www code in the wrong place in Custom Code.
Solution: Moved www to non-www rewrite/redirect code to correct BPS Root Custom Code text box: 8. CUSTOM CODE WP REWRITE LOOP START. See below code.# WP REWRITE LOOP START # Rewrite www to non-www RewriteEngine On RewriteBase / RewriteCond %{HTTP_HOST} ^www\.maincuisine\.com [NC] RewriteRule ^(.*)$ http://maincuisine.com/$1 [L,R=301] RewriteRule ^index\.php$ - [L]
Problem: PHP error is occurring repeatedly:
Note: This problem may have been fixed by whitelisting CloudFlare in the Plugin Firewall. If you continue to see additional errors then contact the wp-automatic plugin author.[27-Jan-2018 16:45:10 UTC] PHP Warning: trim() expects parameter 1 to be string, array given in /home4/xxxxx/public_html/maincuisine.com/wp-content/plugins/wp-automatic/core.php on line 3634
Solution: Contact the wp-automatic plugin author so that this error can be fixed in the next wp-automatic plugin version.
AWParticipantHello @ait,
Just got up and check the updates. Yep you are right.
CloudFlare : Running on DNS set at CloudFlare ( without plugin )
Noted and thanks for the# WP REWRITE LOOP START – put in wrong section
PHP repeatedly from Automatic plugins ( i did check it out with the plugin owner, he said it is normal an occurred when the requested data from source is not available for that particular keyword search ) – however will ask him again about thisSolution:
Plugin Firewall > Whitelist by Hostname (domain name) and IP Address tool text box ( Okay got it )
The htaccess File Editor > Your Current Plugins htaccess File. ( Okay got it )To further understand the current settings which created by you:-
108.213.94.121, 172.69.[0-9]{1,3}.[0-9]{1,3}, 103.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 104.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 108.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 131.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 141.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 162.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 172.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 173.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 188.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 190.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 197.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 198.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}, 2400:cb00[:\\d\\w]+, 2405:8100[:\\d\\w]+, 2405:b500[:\\d\\w]+, 2606:4700[:\\d\\w]+, 2803:f800[:\\d\\w]+, 2c0f:f248[:\\d\\w]+, 2a06:98c0[:\\d\\w]+
a. How did you trace and find out the IP address? Example as above “108.213.94.121” (i check my broadband ip, server ip and ping the domain as well but does not show the ip above)
b. Assume if my ip ( broadband changed frequently ) then i should apply the settings as below, am i right? –
RewriteCond %{REMOTE_ADDR} !^xxx.xxx.[0-9]{1,3}.[0-9]{1,3}$
Regards,
AlexAITpro AdminKeymaster@ AW – IP address: 108.213.94.121 is our AITpro ISP Static IP address (you can either leave our IP address or delete it). To get your ISP IP address type this search in Google: What is my IP address. Yes, you should use this format if you do not have a Static IP address from your ISP:
RewriteCond %{REMOTE_ADDR} !^xxx.xxx.[0-9]{1,3}.[0-9]{1,3}$
AWParticipantHello @ait,
Thanks man…recap from what i see in the Your Current Plugin Htaccess File
Last inquiry about the settings so i would know how to deal with other websites.BELOW One ( My ip, non fix )
# BEGIN PUBLIC IP RewriteCond %{REMOTE_ADDR} !^xxx.xxx.[0-9]{1,3}.[0-9]{1,3}$ # END PUBLIC IP
BELOW Two ( ip from cloudflare, is it default settings? )
# CloudFlare IPv and IPv6 Addresses RewriteCond %{REMOTE_ADDR} !^103.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^104.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^108.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^131.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^141.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^162.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^172.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^173.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^188.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^190.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^197.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^198.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^2400:cb00[:\d\w]+$ RewriteCond %{REMOTE_ADDR} !^2405:8100[:\d\w]+$ RewriteCond %{REMOTE_ADDR} !^2405:b500[:\d\w]+$ RewriteCond %{REMOTE_ADDR} !^2606:4700[:\d\w]+$ RewriteCond %{REMOTE_ADDR} !^2803:f800[:\d\w]+$ RewriteCond %{REMOTE_ADDR} !^2c0f:f248[:\d\w]+$ RewriteCond %{REMOTE_ADDR} !^2a06:98c0[:\d\w]+$ # END ADDITIONAL ALLOW FROM RULES
BELOW Three ( the ip 172 is from bps as well ? )
# BEGIN ADDITIONAL ROLES IP RewriteCond %{REMOTE_ADDR} !^172.69.33.97$ # END ADDITIONAL ROLES IP
Regards,
AlexAITpro AdminKeymaster@ AW – Yes, that is correct. You can disregard the # BEGIN ADDITIONAL ROLES IP section of code and IP address. That IP address is coming from this Plugin Firewall additional whitelist tool > Additional Roles IP Whitelist > Administrator checkbox. I have no idea where that IP address came from. Maybe CloudFlare?
AWParticipantHello @ait,
I tried to
login via mobile from (different IP), it redirect to the same error.
login with the same IP, it redirect to the same errorHerewith I copy the whole original setting you made for the Your Current Plugin Htaccess.
# BULLETPROOF PRO .HTACCESS PLUGIN FIREWALL # # BPS Pro 11 mod_rewrite # # BEGIN WHITELIST: Frontend Loading Website Plugin scripts/files RewriteRule ^bulletproof-security/400.php - [L] RewriteRule ^bulletproof-security/403.php - [L] RewriteRule ^bulletproof-security/405.php - [L] RewriteRule ^bulletproof-security/410.php - [L] RewriteRule ^bulletproof-security/isl-logout.php - [L] RewriteRule ^wp-fastest-cache/js/toolbar.js - [L] RewriteRule ^td-composer/css-live/assets/external/ace/ace.js - [L] RewriteRule ^td-composer/css-live/assets/external/ace/ext-language_tools.js - [L] RewriteRule ^td-composer/assets/js/js_files_for_live_css.min.js - [L] RewriteRule ^td-composer/assets/js/js_files_for_plugin_live_css.min.js - [L] RewriteRule ^wp-automatic/js/main-front.js - [L] RewriteRule ^covertvideocontent/assets/video.min.js - [L] # END WHITELIST # # FORBID REMOTE ACCESS TO THESE PLUGIN FILE TYPES FROM ANYONE EXCEPT YOU RewriteCond %{REQUEST_URI} ^.*\.(7z|as|bat|bin|cgi|chm|chml|class|cmd|com|command|dat|db|db2|db3|dba|dll|DS_Store|exe|gz|hta|htaccess|htc|htm|html|html5|htx|idc|ini|ins|isp|jar|jav|java|js|jse|jsfl|json|jsp|jsx|lib|lnk|out|php|phps|php5|php4|php3|phtml|phpt|pl|py|pyd|pyc|pyo|rar|shtm|shtml|sql|swf|sys|tar|taz|tgz|tpl|txt|vb|vbe|vbs|war|ws|wsf|xhtml|z|zip)$ [NC] # BEGIN PUBLIC IP RewriteCond %{REMOTE_ADDR} !^14.192.213.18$ # END PUBLIC IP # BEGIN ADDITIONAL ALLOW FROM RULES # Add your current IP address manually below and replace the 127.0.0.1 IP Address. RewriteCond %{REMOTE_ADDR} !^127.0.0.1$ # My AITpro Static IP address RewriteCond %{REMOTE_ADDR} !^108.213.94.121$ # CloudFlare IPv4 and IPv6 Addresses RewriteCond %{REMOTE_ADDR} !^103.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^104.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^108.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^131.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^141.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^162.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^172.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^173.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^188.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^190.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^197.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^198.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$ RewriteCond %{REMOTE_ADDR} !^2400:cb00[:\d\w]+$ RewriteCond %{REMOTE_ADDR} !^2405:8100[:\d\w]+$ RewriteCond %{REMOTE_ADDR} !^2405:b500[:\d\w]+$ RewriteCond %{REMOTE_ADDR} !^2606:4700[:\d\w]+$ RewriteCond %{REMOTE_ADDR} !^2803:f800[:\d\w]+$ RewriteCond %{REMOTE_ADDR} !^2c0f:f248[:\d\w]+$ RewriteCond %{REMOTE_ADDR} !^2a06:98c0[:\d\w]+$ # END ADDITIONAL ALLOW FROM RULES # BEGIN ADDITIONAL ROLES IP RewriteCond %{REMOTE_ADDR} !^172.69.33.97$ # END ADDITIONAL ROLES IP RewriteRule ^(.*)$ - [F]
Should i replace the context below? ( which i tried to replace in htaccess File Editor )
# BEGIN ADDITIONAL ALLOW FROM RULES # Add your current IP address manually below and replace the 127.0.0.1 IP Address. RewriteCond %{REMOTE_ADDR} !^xxx.xxx.[0-9]{1,3}.[0-9]{1,3}$
Is the context below restrict users from other IP to use the WordPress Social Login? :-
# BEGIN PUBLIC IP RewriteCond %{REMOTE_ADDR} !^14.192.213.18$ # END PUBLIC IP
Still almost there on the solutions.
Thanks man and sorry for the hassle.Regards,
AlexAITpro AdminKeymaster@ AW – This IP address in this section of the Plugin Firewall htaccess file below is added automatically by BPS and should be your current IP address. The reason I recommended that you manually add additional IP addresses in this section of the PFW htaccess file: # BEGIN ADDITIONAL ALLOW FROM RULES and manually in the Plugin Firewall > Whitelist by Hostname (domain name) and IP Address tool text box is that you have disabled WordPress standard Crons, which is going to interfere with normal/standard WordPress and BPS Cron Job functionality. It was an additional redundant measure in case the disabled WP Standard Cron issue caused other problems for PFW/BPS.
# BEGIN PUBLIC IP RewriteCond %{REMOTE_ADDR} !^14.192.213.18$ # END PUBLIC IP
It sounds like the Mobile device social medial login problem may be a completely different problem that has nothing to do with logging in using the Social media connect buttons with a PC/laptop. I will log back into your site and look for any new Security Log entries that show an errors specifically for a Mobile device social media login.
AITpro AdminKeymaster@ AW – I did not find any Security Log entries for any Mobile device logins, but what I do see is a CloudFlare problem. CloudFlare is caching your WP Login page, which should never be done for any reason. Also I believe you are caching your wp-admin area with CloudFlare, which should never be done for any reason. So you need to login to CloudFlare and change your settings and exclude the WP Login page from CloudFlare and also choose to NOT cache the wp-admin backend area. It has been years since I looked at CloudFlare settings so I have no idea how to do those things.
Other Problem:
###################
Problem: Feedburner HEAD Requests blocked.
Solution: Added this code below to this BPS Root Custom Code text box: 9. CUSTOM CODE REQUEST METHODS FILTERED
Clicked that Save Root Custom Code button and activated Root Folder BulletProof Mode.# REQUEST METHODS FILTERED # If you want to allow HEAD Requests use BPS Custom Code and copy # this entire REQUEST METHODS FILTERED section of code to this BPS Custom Code # text box: CUSTOM CODE REQUEST METHODS FILTERED. # See the CUSTOM CODE REQUEST METHODS FILTERED help text for additional steps. RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC] RewriteRule ^(.*)$ - [F] #RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC] #RewriteRule ^(.*)$ /wp-content/plugins/bulletproof-security/405.php [L]
AITpro AdminKeymaster@ AW – Ok I think I got this figured out. The WordPress Social Login plugin was doing an internal redirect back into it’s plugin folder in a way that a Security Log entry was not being logged. I manually created this WordPress Social Login whitelist rule in the Plugin Firewall:
/wordpress-social-login/(.*).(js|php)
. I tested with a mobile device emulator that allows testing many different mobile devices types and all worked/connected successfully. Please test logging in/connecting with your mobile device.AWParticipantHello @ait!
I would like to say ….thumbs up!!!!
Awesome ! yeh whitelist the “/wordpress-social-login/(.*).(js|php)” and work perfectly!
Thanks for the feedburner update code…!By the way, I set page rules for CloudFlare on admin and login. There’s no caching on it. attached with the photo of the settings:
http://www.screencast.com/t/Nj8Qfznt
http://www.screencast.com/t/hcQ0pzdADmyThis week will get in another new customer for ya…hopefully she is ready to purchase ait now(cos she said she need to tweak her website first before pump in ait(for sure) )
Additional question- The client will be using WordPress Mobile App to post from her cellphone. As i read from the bps guide, i removed the code in the 14. CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE: Add miscellaneous code here
# XML-RPC DDoS & TRACKBACK/PINGBACK PROTECTION # Using this code blocks Pingbacks and Trackbacks on your website. # You can whitelist your IP address if you use A Weblog Client # or want to whitelist an IP address for any other reasons. # Example: uncomment #Allow from x.x.x. by deleting the # sign and # replace the x's with your actual IP address. Allow from 99.88.77. # Note: It is recommended that you use 3 octets x.x.x. of your IP address # instead of 4 octets x.x.x.x of your IP address. <FilesMatch "^(xmlrpc\.php|wp-trackback\.php)"> Order Deny,Allow #Allow from x.x.x. Deny from all </FilesMatch>
Is there a way of STILL blocking xmlrpc.php request BUT allow only from WordPress Mobile App access?
Regards,
Alex
AITpro AdminKeymaster@ AW – Great! Thanks for confirming the Plugin Firewall whitelist rule works.
The WordPress xmlrpc.php file no longer needs to be blocked/protected anymore. WordPress fixed the exploit in the xmlrpc.php file a couple of years ago. So the xmlrpc Bonus Custom Code is obsolete and no longer needed.
Baton VladParticipantHi,
if i am checking on a testsite and the social login with Google or FB, i get the following message:
“Error 403
We’re sorry, but we could not fulfill your request for /testseite/?option=moopenid on this server.
You do not have permission to access this server. Data may not be posted from offsite forms.
Your technical support key is: 5edc-4e22-cd36-1abb
You can use this key to fix this problem yourself.
If you are unable to fix the problem yourself, please contact harry at all4hardware4u.de and be sure to provide the technical support key shown above.”What could this be?
Best regards
-
AuthorPosts
- You must be logged in to reply to this topic.