
WooCommerce – Read Me First


Several things that used to work in WooCommerce no longer work. If you have BPS free installed, disregard the steps for whitelisting plugin scripts in the BPS Pro Plugin Firewall and just apply the BPS Query String Exploits code fix below.

Problem: the WooCommerce Checkout page is blank. For some odd reason the BPS Pro Plugin Firewall does not see these blocked frontloading scripts; that probably has to do with some internal WooCommerce rewriting that prevents the scripts from being seen correctly by the Plugin Firewall. See the solution after the list of WooCommerce Checkout page errors below. To see/check for these errors, use the Google Chrome browser > click the 3-bar settings icon > hover over “More tools” > click Developer Tools to open the Google Chrome Developer Tools > select the Console tab to view/check for any errors.

Failed to load resource: the server responded with a status of 403 (OK)
https://www.aksorganics.com.au/wp-content/plugins/ip-geo-block/admin/js/authenticate.min.js?ver=2.2.2.3
Failed to load resource: the server responded with a status of 403 (OK)
https://www.aksorganics.com.au/wp-content/plugins/woocommerce-checkout-customizer/static/js/frontend/v2.3//update_payment_block.js?ver=1.0
Failed to load resource: the server responded with a status of 403 (OK)
https://www.aksorganics.com.au/wp-content/plugins/woocommerce-checkout-customizer/static/js/frontend/v2.3//general.js?ver=1.0
Failed to load resource: the server responded with a status of 403 (OK)
https://www.aksorganics.com.au/wp-content/plugins/woocommerce-checkout-customizer/static/js/frontend/custom.js?ver=4.4.2
Failed to load resource: the server responded with a status of 403 (OK)
https://www.aksorganics.com.au/wp-content/plugins/woocommerce/assets/js/frontend/country-select.min.js?ver=2.5.2
Failed to load resource: the server responded with a status of 403 (OK)
https://www.aksorganics.com.au/wp-content/plugins/cleantalk-spam-protect/inc/cleantalk_nocache.js?random=5.36.1
Failed to load resource: the server responded with a status of 403 (OK)
https://www.aksorganics.com.au/wp-content/plugins/woocommerce/assets/js/frontend/checkout.min.js?ver=2.5.2
Failed to load resource: the server responded with a status of 403 (OK)
https://www.aksorganics.com.au/wp-content/plugins/woocommerce-checkout-customizer/static/js/frontend/v2.3//collect_wizard.js?ver=1.0
Failed to load resource: the server responded with a status of 403 (OK)
https://www.aksorganics.com.au/wp-content/plugins/woocommerce/assets/js/frontend/address-i18n.min.js?ver=2.5.2
Failed to load resource: the server responded with a status of 403 (OK)
https://www.aksorganics.com.au/wp-content/plugins/woocommerce-gateway-braintree/assets/js/frontend/wc-braintree.min.js?ver=3.1.0 
Failed to load resource: the server responded with a status of 403 (OK)
https://www.aksorganics.com.au/wp-content/plugins/ip-geo-block/admin/js/authenticate.min.js?ver=2.2.2.3 
Failed to load resource: the server responded with a status of 403 (OK)
https://www.aksorganics.com.au/wp-content/plugins/woocommerce/assets/js/select2/select2.min.js?ver=3.5.4 
Failed to load resource: the server responded with a status of 403 (OK)
https://www.aksorganics.com.au/wp-content/plugins/woocommerce-google-address-kwnlcd/js/woogoogad.js?ver=2.2.1 
Failed to load resource: the server responded with a status of 403 (OK)
front.js?ver=4.4.2:138 TypeError: Cannot read property 'length' of undefined(…)
(index):2445 Uncaught ReferenceError: WC_Braintree_Credit_Card_Payment_Form_Handler is not defined
https://www.aksorganics.com.au/wp-content/plugins/cleantalk-spam-protect/inc/cleantalk_nocache.js?random=5.36.1 
Failed to load resource: the server responded with a status of 403 (OK)

Solution: manually enter the blocked frontloading scripts in the Plugin Firewall Whitelist Text Area. Note: if you see different plugin scripts being blocked, create whitelist rules for those plugin scripts instead.
In this particular case, adding these 3 whitelist rules in the Plugin Firewall Whitelist Text Area worked perfectly:

/cleantalk-spam-protect/(.*).js, /woocommerce(.*).js, /ip-geo-block/(.*).js
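A quick way to confirm that a set of whitelist rules actually covers every script the console reported as 403 before pasting them into the firewall. This is an added example, not code from the post or from BPS; it assumes each comma-separated rule is an unanchored regex tested against the script path below /wp-content/plugins (the post shows the rule text, not how the Plugin Firewall evaluates it), and the log excerpt is constructed from the console lines above.

```python
import re
from urllib.parse import urlparse

# Constructed sample: a subset of the 403 console lines from the post, plus two
# unrelated JavaScript errors that the parser must ignore.
CONSOLE_LOG = """\
Failed to load resource: the server responded with a status of 403 (OK)
https://www.aksorganics.com.au/wp-content/plugins/ip-geo-block/admin/js/authenticate.min.js?ver=2.2.2.3
Failed to load resource: the server responded with a status of 403 (OK)
https://www.aksorganics.com.au/wp-content/plugins/woocommerce-checkout-customizer/static/js/frontend/v2.3//general.js?ver=1.0
Failed to load resource: the server responded with a status of 403 (OK)
https://www.aksorganics.com.au/wp-content/plugins/woocommerce/assets/js/frontend/checkout.min.js?ver=2.5.2
Failed to load resource: the server responded with a status of 403 (OK)
https://www.aksorganics.com.au/wp-content/plugins/cleantalk-spam-protect/inc/cleantalk_nocache.js?random=5.36.1
front.js?ver=4.4.2:138 TypeError: Cannot read property 'length' of undefined(...)
(index):2445 Uncaught ReferenceError: WC_Braintree_Credit_Card_Payment_Form_Handler is not defined
https://www.aksorganics.com.au/wp-content/plugins/woocommerce-google-address-kwnlcd/js/woogoogad.js?ver=2.2.1
Failed to load resource: the server responded with a status of 403 (OK)
"""

# The three whitelist rules from the post, in the Plugin Firewall's comma-separated format.
WHITELIST = "/cleantalk-spam-protect/(.*).js, /woocommerce(.*).js, /ip-geo-block/(.*).js"


def blocked_plugin_scripts(log: str) -> list[str]:
    """Return the plugin-relative path (no host, no query string) of every
    script URL in the console log; only /wp-content/plugins/ URLs count."""
    paths = []
    for line in log.splitlines():
        if not line.startswith("https://"):
            continue  # error text, not a resource URL
        path = urlparse(line.strip()).path
        if "/wp-content/plugins/" in path:
            paths.append(path.split("/wp-content/plugins", 1)[1])
    return paths


def compile_whitelist(rules: str) -> list[re.Pattern]:
    # Assumption: one unanchored regex per comma-separated rule.
    return [re.compile(r.strip()) for r in rules.split(",") if r.strip()]


def uncovered(log: str, rules: str) -> list[str]:
    """Blocked script paths that no whitelist rule matches; empty means full coverage."""
    patterns = compile_whitelist(rules)
    return [p for p in blocked_plugin_scripts(log)
            if not any(pat.search(p) for pat in patterns)]
```

If `uncovered()` returns anything, those paths are the scripts that still need a rule before you save the whitelist.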

Plugin Firewall Manual Setup Steps
1. Copy and paste plugin scripts/whitelist rules to the Plugins Script|File Whitelist Text Area.
2. Click the Save Whitelist Data button.
3. Click the Create Firewall Master File button.
4. Select the Plugin Firewall BulletProof Mode Radio button.
5. Click the Activate|Deactivate button to activate the Plugin Firewall.

Problem: creating a WooCommerce skip/bypass for the shop, cart, wishlist or checkout folder no longer works.
Solution: unfortunately the entire block of BPS Query String Exploits code needs to be modified and added to BPS Custom Code.

1. Copy the modified BPS Query String Exploits code below to this BPS Root Custom Code text box:
2. Click the Save Root Custom Code button.
3. Go to the Security Modes page, click the Create secure.htaccess File AutoMagic button, select the Activate Root Folder BulletProof Mode Radio button and click the Activate|Deactivate button.

# BEGIN BPSQSE BPS QUERY STRING EXPLOITS
# The libwww-perl User Agent is forbidden - Many bad bots use libwww-perl modules, but some good bots use it too.
# Good sites such as W3C use it for their W3C-LinkChecker. 
# Use BPS Custom Code to add or remove user agents temporarily or permanently from the 
# User Agent filters directly below or to modify/edit/change any of the other security code rules below.
RewriteCond %{QUERY_STRING} (sp_executesql) [NC]
RewriteRule ^(.*)$ - [F]
# END BPSQSE BPS QUERY STRING EXPLOITS
This topic was modified 22 hours, 51 minutes ago by AITpro Admin.
