We were notified yesterday about this bug in the Plugin Firewall AutoPilot Mode filter code and have fixed the bug in the AutoPilot filter code. We will be releasing BPS Pro 10.3 later today with this new bugfix. Upgrading to BPS Pro 10.3 will automatically remove/delete any Plugin Firewall whitelist rules that should not exist. The automated whitelist rule cleanup is included in the AutoPilot Mode Cron. The whitelist rule cleanup will occur when the next scheduled AutoPilot Mode Cron is run. This is also a new enhancement to the AutoPilot Mode code that will remove/delete any old whitelist rules that are no longer necessary/being used. ie if you had a plugin installed at one point that required whitelist rules and have removed/deleted that plugin at some point then those old whitelist rules will be automatically removed/deleted by the AutoPilot Mode Cron.
Apparently this is some sort of new probe/recon method that just started being used recently. Since these files do not actually exist on your website then there is no security risk to your website and the bug is just causing a nuisance problem: ie Plugin Firewall whitelist rules are being created for files that do not actually really exist. For files that do actually really exist, those files are still protected by other overlapping security protection features/methods in BPS Pro.
Note: Special thanks to Alex Stamatellos at Webcentrix LLC for finding a bug in the Plugin Firewall AutoPilot Mode filter code, which lead to a significant filter improvement in the Plugin Firewall AutoPilot Mode code in BPS Pro 10.3.
- This reply was modified 6 hours, 13 minutes ago by AITpro Admin.
- This reply was modified 6 hours, 1 minute ago by AITpro Admin.
- This reply was modified 5 hours, 40 minutes ago by AITpro Admin.
- This reply was modified 5 hours, 39 minutes ago by AITpro Admin.