Xternal Tools XTF Guide

Home Forums BulletProof Security Pro Xternal Tools XTF Guide

Tagged: ,

Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • #23299
    AITpro Admin
    Keymaster

    BPS Pro Xternal Tools (XTF)BPS Pro Xternal Tools (XTF)

    • The Xternal Tools page has 2 layers of protection: Password Protection and the BPS Pro Plugin Firewall.
    • The Xternal Tools Form can only be viewed/accessed/unlocked by entering your Database username and password.
    • Email alerts are sent to you when the Unlock Xternal Tools Form and the Xternal Tools Form are submitted.
    • After you are done using the BPS Pro Xternal Tools Form, click the Lock Xternal Tools Form button.
    • Only your current IP address: 0.0.0.0 is allowed to view/access the Xternal Tools page.

    To access/view the BPS Pro Xternal Tools (XTF) page enter this URL in your Browser:
    http://www.your-website-domain.com/wp-content/plugins/bulletproof-security/admin/xternal/xternal.php

    Note: If you are seeing a 403 error and/or are unable to view/access the XTF Form page using the URL above. Use FTP or your web host control panel file manager and delete your Plugin Firewall htaccess file /plugins/.htaccess. You should now be able to view/access the XTF Form page. The XTF Form can also be used as a stand-alone form by copying it to your website root folder. Copy the xternal.php file (/bulletproof-security/admin/xternal/xternal.php) to your website root folder and use this URL to view/access the XTF Form: http://www.your-website-domain.com/xternal.php.  See the XTF Form Stand-Alone Website Root Folder Usage help section below.

    BPS Pro Xternal Tools (XTF) Form Unlock Window:
    The XTF Form is locked by default. To unlock the XTF Form enter your Database username and password from your wp-config.php file.
    BPS Pro Xternal Tools (XTF) Unlock

    BPS Pro Xternal Tools (XTF) Video Tutorial:  BPS Pro Xternal Tools (XTF) Video Tutorial

    Xternal Tools (XTF) Intended Usage: The XTF Form is locked by default and requires that you unlock it first to be able to use it.  The BPS Pro Xternal Tools are intended to be used when you are unable to login to your website to fix an issue/problem.  You can turn Off BPS Pro features using the XTF Form options without having to be logged into your website.  You can select several XTF Form options at the same time such as Turn Off|Deactivate AutoRestore|Quarantine (ARQ), Turn Off|Unschedule All Cron Jobs and Restore All Files in Quarantine.  If the issue/problem requires additional troubleshooting steps you can use the BulletProof Security Pro Troubleshooting Steps.

    XTF Form Stand-Alone Website Root Folder Usage
    Use the steps below to copy the xternal.php file to your website root folder if you are seeing a 403 error or are unable to access the XTF Form using the normal XTF Form URL: /wp-content/plugins/bulletproof-security/admin/xternal/xternal.php.

    1. Unzip the bulletproof-security.zip file on your computer or use FTP and download the /bulletproof-security/admin/xternal/xternal.php file from your website.
    2. Use FTP and rename the /bulletproof-security plugin folder to /_bulletproof-security.
    3. Use FTP and upload the xternal.php file to your website root folder.
    4. Go to the Xternal Tools page in your Browser: example.com/xternal.php. If you are seeing a 403 error instead of the XTF form then delete your root htaccess file.
    5. Enter your DB Username and Password from your wp-config.php file to view/access/unlock the BPS Pro Xternal Tools Form.
    6. Choose the XTF Form options you want to use.
    7. Click the Lock Xternal Tools Form button after you are done using the XTF Form to lock the XTF Form.
    8.  Use FTP and rename the /_bulletproof-security plugin folder back to /bulletproof-security.

    Important Note: If you have BPS Pro 12.8 or higher versions of BPS Pro installed click this link for quickier and easier steps to fix quarantined files problems: https://forum.ait-pro.com/forums/topic/website-not-loading-after-wordpress-upgrade-or-theme-upgrade-500-error-files-quarantined/. BPS Pro 12.8+ versions automatically deactivate/turn ARQ Off when the /bulletproof-security/ plugin folder is renamed instead of having to use the BPS Pro XTF Form Tools to deactivate/turn ARQ Off.

    Turn Off|Deactivate AutoRestore|Quarantine (ARQ)
    Usage:  If you are unable to log into your site due to a problem with AutoRestore|Quarantine (ARQ), select the Turn Off|Deactivate AutoRestore|Quarantine (ARQ) XTF Form option and click the Submit Xternal Tools Form button.  If you manually edited your wp-config.php file and added new Database connection information and the wp-config.php file was quarantined and you are unable to login to your site you can turn off ARQ and select the Restore All Files in Quarantine XTF Form option to restore your wp-config.php file.  Your website is displaying blank/white due to files being sent to Quarantine.  Select turn off ARQ and select Restore All Files in Quarantine XTF Form options.  If excessive files have been quarantined you can turn off ARQ and either delete or restore all files by selecting the Delete All File In Quarantine or Restore All Files In Quarantine XTF Form options.

    Turn Off|Deactivate Login Security (LSM)
    Usage:  If you are unable to log into your site due to a problem with Login Security (LSM), select the Turn Off|Deactivate Login Security (LSM) XTF Form option and click the Submit Xternal Tools Form button.  If your user account was locked, turning off LSM will allow you to log back into your site so that you can go to the BPS Pro Login Security & Monitoring page and unlock your user account.

    Turn Off|Deactivate JTC Anti-Spam|Anti-Hacker (JTC)
    Usage:  If you are unable to log into your site due to a problem with JTC Anti-Spam|Anti-Hacker (JTC), select the Turn Off|Deactivate JTC Anti-Spam|Anti-Hacker (JTC) XTF Form option and click the Submit Xternal Tools Form button.  If you entered an invalid JTC CAPTCHA or some other JTC setting that is not allowing you to login to your site, turning off JTC will allow you to log back into your site so that you can go to the BPS Pro JTC Anti-Spam|Anti-Hacker page and correct whatever JTC setting is causing the issue/problem.

    Turn Off|Deactivate Idle Session Logout (ISL)
    Usage:  If you are unable to log into your site due to a problem with Idle Session Logout (ISL), select the Turn Off|Deactivate Idle Session Logout (ISL) XTF Form option and click the Submit Xternal Tools Form button.

    Turn Off|Deactivate Auth Cookie Expiration (ACE)
    Usage:  If you are unable to log into your site due to a problem with Auth Cookie Expiration (ACE), select the Turn Off|Deactivate Auth Cookie Expiration (ACE) XTF Form option and click the Submit Xternal Tools Form button.

    Turn Off|Deactivate the Plugin Firewall (PFW)
    Usage:  If you are unable to log into your site due to a problem with Plugin Firewall (PFW), select the Turn Off|Deactivate the Plugin Firewall (PFW) XTF Form option and click the Submit Xternal Tools Form button.

    Turn Off|Deactivate BackEnd Maintenance Mode (MMode)
    Usage:  If you are unable to log into your site due to a problem with BackEnd Maintenance Mode (MMode), select the Turn Off|Deactivate BackEnd Maintenance Mode (MMode) XTF Form option and click the Submit Xternal Tools Form button. If you are locked out of the BackEnd of your site, turning off BackEnd MMode will allow you to log back into your site so that you can go to the BPS Pro B-Core page or the Maintenance Mode page and correct whatever setting is causing the issue/problem.  Note:  The turn off BackEnd MMode option does the same thing as the Turn Off WBM option – deletes your wp-admin htaccess file if the wp-admin htaccess file is preventing you from logging into your site.

    Turn Off|Unschedule All Cron Jobs
    Usage:  This XTF Form option turns off/unschedules all BPS Pro Cron Jobs:  ARQ Cron Job, DB Backup Cron Job, DB Monitor Cron Job, HPF Cron, Plugin Firewall AutoPilot Mode Cron Job, etc.  All BPS Pro Cron Jobs that do automated things will be turned off.

    Unlock All Locked Files
    Usage:  This XTF Form option unlocks these files:  root .htaccess file, wp-config.php file, the wp root index.php file, the wp-blog-header.php file, DR and GWIOD htaccess and index.php files.

    Restore All Files in Quarantine
    Usage:  If you are unable to log into your site due to a problem with AutoRestore|Quarantine (ARQ) and legitimate files being quarantined, select the Restore All Files in Quarantine XTF Form option and click the Submit Xternal Tools Form button. If you manually edited your wp-config.php file and added new Database connection information and the wp-config.php file was quarantined and you are unable to login to your site you can turn off ARQ and select the Restore All Files in Quarantine XTF Form option to restore your wp-config.php file. Your website is displaying blank/white due to files being sent to Quarantine. Select turn off ARQ and select Restore All Files in Quarantine XTF Form options. If excessive files have been quarantined you can turn off ARQ and either delete or restore all files by selecting the Delete All File In Quarantine or Restore All Files In Quarantine XTF Form options.

    Delete All Files in Quarantine
    Usage:  If excessive files have been sent to Quarantine and you are unable to delete all the files in Quarantine using the Quarantine Sort|Search Feature, select the Delete All Files in Quarantine XTF Form option and click the Submit Xternal Tools Form button. If excessive files have been quarantined you can turn off ARQ and either delete or restore all files by selecting the Delete All File In Quarantine or Restore All Files In Quarantine XTF Form options.

    Turn Off|Deactivate Root BulletProof Mode (RBM)
    Usage:  If you are unable to log into your site due to a problem with Root BulletProof Mode (RBM), select the Turn Off|Deactivate Root BulletProof Mode (RBM) XTF Form option and click the Submit Xternal Tools Form button.  Turning off Root BulletProof Mode (RBM) will allow you to log back into your site so that you can go to the BPS Pro B-Core page and correct whatever setting or code (BPS Custom Code) is causing the issue/problem.  If you are locked out of the BackEnd/wp-admin Dashboard of your site, turning off WBM will allow you to log back into your site.  The Turn Off|Deactivate Root BulletProof Mode (RBM) XTF Form option deletes your root htaccess file so that you can log back into your site if the root htaccess file is preventing your from logging into your site.

    Turn Off|Deactivate wp-admin BulletProof Mode (WBM)
    Usage:  If you are unable to log into your site due to a problem with wp-admin BulletProof Mode (WBM), select the Turn Off|Deactivate wp-admin BulletProof Mode (WBM) XTF Form option and click the Submit Xternal Tools Form button. If you are locked out of the BackEnd/wp-admin Dashboard of your site, turning off WBM will allow you to log back into your site so that you can go to the BPS Pro B-Core page and correct whatever setting or code (BPS Custom Code) is causing the issue/problem. Note: The turn off BackEnd MMode option does the same thing as the Turn Off WBM option – deletes your wp-admin htaccess file if the wp-admin htaccess file is preventing you from logging into your site.

    Reinstall BPS Pro plugin files:
    • ONLY installs the bulletproof-security.zip file.
    • The zip file MUST be named bulletproof-security.zip.
    • Installation Method: ZipArchive or PclZip.
    • Overwrites existing BPS Pro plugin files.
    • Does NOT change BPS Pro database settings.
    Usage:  This XTF Form option allows you to reinstall the BPS Pro plugin files if you are unable to login to your site and reinstall BPS Pro plugin files using the BPS Pro built-in Upload Zip Installer under the Setup main menu >>> Upload Zip Install submenu

    #32148
    dtyler1
    Participant

    [Topic has been merged into this relevant Topic]
    I am trying to access xternal tools on my primary domain with Godaddy.

    1. When  I followed this I got the 403 error.  http://www.your-website-domain.com/wp-content/plugins/bulletproof-security/admin/xternal/xternal.php
    2. I then deleted the plugins/.htaccess file and then got back a blank screen accessing the above link (with my domain)
    3. I moved the xternal.php file to the root directory (public_html) and the blank screen appeared again when accessing it as a stand alone tool

    I’m not sure if maybe I’m putting the file in the wrong place since it is root domain on shared Godaddy hosting. If I followed this process with the addon domains, it works fine.

    #32150
    AITpro Admin
    Keymaster

    See the XTF Form Stand-Alone Website Root Folder Usage steps above to use the xternal.php file in your root folder.

    #32161
    dtyler1
    Participant

    I went through the steps for the stand alone website root folder usage and it still isn’t working. Also, tried again deleting the plugin .htaccess file to remove the 403 and it didn’t work either. I restored the .htaccess file and the 403 is showing again instead of the blank page.

    I also deactivated each plugin from the file manager and that did not work either.

    #32162
    AITpro Admin
    Keymaster

    So are you seeing blank page when you go to your home page or any of your website pages?  If so, this has nothing to do with the XTF form and is problem with your site itself.  When did the problem occur?  Did a WP Automatic Update occur?  What occurred or was happening when the problem occurred?

    #32163
    dtyler1
    Participant

    Yes, that’s right. I don’t have a timeline of events, but it’s been down for long time.

    #32164
    AITpro Admin
    Keymaster

    Ok send me this file:  /wp-content/bps-backup/logs/autorestore_log.txt.  So I can see what happened and tell you what to do to fix the problem.  Email:  info at ait-pro dot com.

Viewing 7 posts - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.