Quantcast
Channel: BulletProof Security Forum » All Posts
Viewing all 12461 articles
Browse latest View live

Reply To: Plugin Firewall Whitelist Rules not being added

July 26, 2019, 10:38 am
$
0
0

Yep, the attack on your site is fairly big, but sometimes our forum site gets attacked for days at a rate of 1,000 attacks per second.  Luckily the way we have designed BPS Pro, it deflects all attacks instead of creating any significant resource usage for your server/website.  In other words, everything functions and performs as if the attack were not occurring at all.

That feature has already been added to the Security Log. 😉  You don’t need to do anything with the Security Log.  When the Security Log reaches the size setting that you have chosen or the default size setting then it will be automatically zipped, emailed to you and replaced with a new blank Security Log file.

Search

Reply To: Plugin Firewall Whitelist Rules not being added

July 26, 2019, 10:40 am

Reply To: Plugin Firewall Whitelist Rules not being added

July 26, 2019, 10:46 am
$
0
0

That feature already exists for the Security Log.  Not sure if you thought I was saying we will add that or if you understood that the Security Log already has completely automated functionality for exactly this type of scenario – ie massive brute force attacks can fill up several Security Log files in a day.

Reply To: Plugin Firewall Whitelist Rules not being added

July 26, 2019, 11:39 am
$
0
0

Ok, I found it. Under S-Monitor.

Thanks.

I'm actually hacked (not necessarily BPS fault)

July 28, 2019, 5:04 pm
$
0
0

It is hard to find way how to begin.

Today at moment of happening, BPS sent me email alert

The BPS Pro Hidden Plugin Folders|Files (HPF) Cron has detected a hidden or empty plugin folder or a non-standard WP file or altered file in the /plugins/ folder. To view exact details of what was detected, log into your website and check the Hidden Plugin Folders|Files (HPF) Dashboard Alert.

Fact is that I wasn’t capable to login at that moment(s) (loop) and it was cca 10 min.

  • When I logged, there was no alerts by BPS on dashboard???

Now, about 5 hours later, there is no more site access (but FTP is available).

A) FACT ONE – There is one Bitnami server with 6 modules. Only this module is harmed. Module is subdomain of main domain.

B) FACT TWO – For me looks that I was kind of ‘suspended’ by one plugin developer (I will not reveal here about who is it), despite the zero violations of contract by me. But we will see.

So, my QUESTION IS:

  • What happened that I have email warning and no Dashboard warning?
  • As it is obvious (from my point of view) .htaccess hack (redirection to Bitnami LAMP). How where and what to look on FileZilla?

If it is ‘third party’ hack, I’m not worried as tomorrow morning I will reinstall server with fresh instances. However, I would like to get idea what could be in issue.

Reply To: I think my website is hacked

July 28, 2019, 5:43 pm
$
0
0

Your site may or may not be hacked.  Before assuming your site is hacked assume that you are experiencing some sort of configuration or other technical problem. Typically when your site is hacked there is zero doubt that your site is actually hacked.  Everything you have generally described indicates a technical problem and not a hack.

I really cannot give you any sort of answer to your general information.  Personally I don’t believe your site is hacked and you just need to take a deep breath and figure out logically what has occurred.  If you would like for me to join in the fun then send me a WordPress Admin login to this site and FTP or SSH access to your hosting account >>> info at ait-pro dot com.  Don’t panic, just relax and look at the problem(s) logically.

Moving a Site

July 31, 2019, 10:02 am
$
0
0

I want to move a site that has BPS Pro installed and activated.

Should I just deactivate the plugin and then move the site and then reactivate again and run setup in the new domain?

Anything else I should do with BPS Pro?

Thanks.

Reply To: Moving a Site

July 31, 2019, 10:11 am
Search

Reply To: Moving a Site

July 31, 2019, 10:26 am

Reply To: Migrating, Moving or Cloning Websites

July 31, 2019, 12:03 pm
$
0
0

Everything worked here, thanks.

There is one thing that would be nice to be implemented if it isn’t too difficult to do:

After importing the cc-master.zip to the new site, it would be nice if in the Bonus Custom Code section, the appropriate codes are updated appropriately (i.e. they don’t show up if it was imported).

It’s not important, I realize that, but, it saves me time from checking which bonus codes I copied and which ones I didn’t.

Reply To: Migrating, Moving or Cloning Websites

July 31, 2019, 12:09 pm
$
0
0

There may be a problem with the Custom Code export feature.  We just found a pretty significant problem with our DB Backup feature that we need to fix ASAP.  The problem with the DB Backup feature is that any data that has a percent sign is processed/executed/interpreted by MySQL instead of being treated as a literal string.  You can manually edit the cc-master.zip file by extracting the zip file on your computer and then manually copying and pasting the Root and wp-admin custom code to the appropriate Custom Code text boxes.

Is this Plugin Firewall issue?

August 1, 2019, 6:40 am
$
0
0

I installed this plugin for WPBakery which is supposed to have about 700+ addon elements. But, I only get 15. I noticed these issues in the log. Is this probably a plugin firewall issue?

[01-Aug-2019 04:50:38 UTC] PHP Fatal error: Uncaught Error: Call to undefined method UniteCreatorAddons::setStateFilterActive() in ./wp-content/plugins/unlimited-addons-for-wpbakery-page-builder/inc_php/unitecreator_categories.class.php:589
Stack trace:
#0 ./wp-content/plugins/unlimited-addons-for-wpbakery-page-builder/inc_php/unitecreator_actions.class.php(150): UniteCreatorCategories->getCatListFromData(Array)
#1 ./wp-content/plugins/unlimited-addons-for-wpbakery-page-builder/unitecreator_admin.php(244): UniteCreatorActions->onAjaxAction()
#2 ./wp-includes/class-wp-hook.php(286): UniteCreatorAdmin->onAjaxAction(”)
#3 ./wp-includes/class-wp-hook.php(310): WP_Hook->apply_filters(”, Array)
#4 ./wp-includes/plugin.php(465): WP_Hook->do_action(Array)
#5 ./wp-admin/admin-ajax.php(173): do_action(‘wp_ajax_unitecr…’)
#6 {main}
thrown in ./wp-content/plugins/unlimited-addons-for-wpbakery-page-builder/inc_php/unitecreator_categories.class.php on line 589

Reply To: Is this Plugin Firewall issue?

August 1, 2019, 8:44 am
$
0
0

Yep, it could be a BPS Pro Plugin Firewall problem or a coding mistake in that plugin.  Try deactivating the BPS Pro Plugin Firewall > Troubleshooting step #3 below and and let me know if you continue to see php errors for that plugin.

https://forum.ait-pro.com/forums/topic/read-me-first-pro/#bps-pro-general-troubleshooting

1. On the Security Modes page, click the Root Folder BulletProof Mode Deactivate button. See Custom Code Note if doing this step works.
2. On the Security Modes page, click the wp-admin Folder BulletProof Mode Deactivate button.  See Custom Code Note if doing this step works.
3. On the Security Modes page, click the Plugin Firewall BulletProof Mode Deactivate button.  See Plugin Firewall Test Mode Note.
4. On the Security Modes page, click the UAEG BulletProof Mode Deactivate button.
5. If an issue/problem is related to files being locked with F-Lock then unlock files on the F-Lock page.
6. If an issue/problem is related to Login Security turn Off Login Security on the Login Security & Monitoring page.
7. If an issue/problem is related to JTC Anti-Spam|Anti-Hacker turn Off JTC Anti-Spam|Anti-Hacker on all Forms by unchecking the Form checkboxes under the Enable|Disable JTC For These Forms option on the JTC Anti-Spam|Anti-Hacker page.
8. If an issue/problem is related to a custom php.ini file (if you created a custom php.ini file for your website) rename it to php.ini.BAK
9. If an issue/problem is related to files being autorestored and/or quarantined turn Off AutoRestore|Quarantine on the AutoRestore page. Note: If you are manually editing or uploading files to your website see the AutoRestore|Quarantine Manual File Editing/Uploading Correct Usage steps: https://forum.ait-pro.com/forums/topic/autorestore-quarantine-guide-read-me-first/#procedural-steps

new post notifications blocked-PHP error

August 2, 2019, 4:41 am
$
0
0

New post notifications being blocked from Email Subscribers plugin. How do I solve this. TIA

[BPS Pro htaccess Protected Secure PHP Error Log]

[02-Aug-2019 10:48:45 UTC] WordPress database error Unknown column meta in field list for query INSERT INTO qxd_ig_mailing_queue...

403 GET request security errors

August 2, 2019, 5:45 am
$
0
0

Getting frequent SeurityLog errors that seem to be the same issue:

[403 GET Request: 02/08/2019 - 14:40]
BPS Pro: 14
WP: 5.2.2
Event Code: PFWR-PSBR-HPRA
Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: 88.16.219.149
Host Name: 149.red-88-16-219.dynamicip.rima-tde.net
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR: 69.195.124.165
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: https://www.abzu2.com/wp-admin/admin.php?page=bulletproof-security%2Fadmin%2Fautorestore%2Fautorestore.php
REQUEST_URI: /wp-content/plugins/bulletproof-security/admin/js/bps-ui-accordion.js?ver=14
QUERY_STRING: ver=14
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0
Search

Reply To: new post notifications blocked-PHP error

August 2, 2019, 8:44 am
$
0
0

Most likely there is a coding mistake in the mail plugin that you are using.  Contact the plugin author for whichever mail plugin that are using and send them the php error so they can figure out where the coding mistake is.

Reply To: 403 GET request security errors

August 2, 2019, 8:49 am
$
0
0

This is a Proxy server problem with the BPS Pro Plugin Firewall.  Try the steps below and let me know if this fixes the problem.

https://forum.ait-pro.com/forums/topic/plugin-firewall-read-me-first-troubleshooting/

Fix all general Plugin Firewall issues/problems and Proxy server configuration mistakes:
Note this fix also applies to using a VPN|Proxy when you are logged into your website.
Additional steps to fix both general Plugin Firewall issues/problems and to compensate for an additional Proxy server configuration mistake (whitelist the Proxy IP Address). Note: This only applies to Proxy server issues/problems. Use the steps above unless specifically instructed to use these steps below to fix/whitelist a Proxy server IP address problem.

1. Go to the BPS Security Log page and click the Delete Log button to delete your current Security Log file contents.
2. Go to the Plugin Firewall page.
3. Click the Plugin Firewall Additional Whitelist Tools accordion tab.
4. Enter Proxy server IP address: xxx.xxx.xxx.xxx in the Whitelist by Hostname (domain name) and IP Address text box.
5. Click the Save Hostname and IP Address Rules button.
6. Click the Plugin Firewall BulletProof Mode Deactivate button.
7. Delete (or cut if you want to add your existing whitelist rules back into the Plugins Script|File Whitelist Text Area) all of your Plugin Firewall whitelist rules out of the Plugins Script|File Whitelist Text Area.
8. Click the Save Whitelist Options button.
9. Click the Plugin Firewall Test Mode button.
10. Check your site pages by clicking on all main website pages: contact form page, home page, login page, etc.
11. Recheck the Plugins Script|File Whitelist Text Area (after 1 minute) and you should see new Plugin Firewall whitelist rules have been created.
12. Change the AutoPilot Mode Cron Check Frequency to 15 minutes or whatever frequency time you would like to use.
13. Click the Plugin Firewall Activate button.

Reply To: Plugin Firewall Whitelist Rules not being added

July 26, 2019, 9:36 am
$
0
0

Ok your website is currently under a massive brute force attack.  That would explain the delay in Plugin Firewall AutoPilot Mode not creating the whitelist rules right away.  When a website is under a massive brute force attack and you have the BPS Pro plugin installed you and your visitors will not notice any difference in website performance, but things like AutoPilot Mode are going to be adversely affected temporarily.  Brute force attacks can last minutes to days.  You do not need to do anything since BPS Pro is already handling the brute force attack.  Your website is safe and there is nothing further that needs to be done and you don’t need to worry about this at all.

Reply To: Plugin Firewall Whitelist Rules not being added

July 26, 2019, 9:39 am
$
0
0

I put the Plugin Firewall in Test Mode to speed up Plugin Firewall AutoPilot Mode whitelist rule creation and it is working fine even though your site is being attacked right now.

Reply To: Plugin Firewall Whitelist Rules not being added

July 26, 2019, 9:50 am
$
0
0

So, how do you know it’s under attack? Is it just based on the attempts of logins to wp-login.php? Because, yes, I see a ton of log entries for that.

Viewing all 12461 articles
Browse latest View live
Search