Custom code 403 Forbidden error
On trying to save the deflate code in box 1 of the custom code for the root htaccess file I get a 403 error. This happens on several sites with different plugins and themes. The code is below please...
View ArticleReply To: Custom code 403 Forbidden error
That is a very common ModSecurity problem. The ModSecurity OWASP CRS Ruleset breaks the BPS Custom Code Forms and many other Forms in BPS. We are currently redesigning BPS to be “ModSecurity Proof”....
View ArticleDev Server: BPS broken after repeated deactivations
Hello! I need guidance on how to best re-instate BPS Pro after another dev deactivated multiple times. I can’t enable without the Firewall / Plugin Firewall blocking core functions. Should I just...
View ArticleReply To: Dev Server: BPS broken after repeated deactivations
Yep, the most logical thing to try first would be to manually delete the /plugins/bulletproof-security/ plugin folder and the Plugin Firewall htaccess file /plugins/.htaccess. Then re-install BPS Pro...
View ArticleReply To: Dev Server: BPS broken after repeated deactivations
After trying to delete the BPS plugin folder and also the plugin htaccess, and also the plugin from the WP dashboard, I’m still not able to activate the plugin, getting this error which indicates the...
View ArticleReply To: Dev Server: BPS broken after repeated deactivations
That is a caching issue with PclZip (The WordPress Plugin Upload Zip installer). Use FTP or your web host control panel file manager and rename the /bulletproof-security2-1/ folder name to...
View ArticleReply To: Dev Server: BPS broken after repeated deactivations
I did try that step and the plugin activation failed reporting that the folder did not exist, as if it were looking for the numbered BPS folder… then starting getting a fatal PHP error.
View ArticleReply To: Dev Server: BPS broken after repeated deactivations
Ok well that usually works. Double check that you are renaming the correct BPS Plugin folder and double check that all caches have been cleared. You should also try logging out of your website and...
View ArticleReply To: Dev Server: BPS broken after repeated deactivations
Wow, that was it, having downloaded multiple Pro Zips over the month of dev. Thanks for helping find this easy one!
View ArticleReply To: Dev Server: BPS broken after repeated deactivations
No problem and yeah I’ve done that boo boo before myself. 😉
View ArticleHow To Protect Upload Images in BPS
Greetings BPS, I encounter a security issue. My website does the registration for guests( I am doing an accommodation business ) Eventually all guests images is scan and upload via our website. All...
View ArticleReply To: How To Protect Upload Images in BPS
You can protect images so that no one including yourself or your website can display them. You can protect images by allowing them to only be viewed by logged in users. You can protect images by...
View ArticleReply To: How To Protect Upload Images in BPS
Greeting BPS, To be specified, all the new upload images is their ID and for the hotel accommocation to keep as acopy during check in. Only the ID is for personal reference. It is risky that if users...
View ArticleReply To: How To Protect Upload Images in BPS
Ok so what you need to do is this. Whatever upload form (plugin or theme) you are using you need to change the folder path option setting for where these images are stored under the hosting account....
View ArticleReply To: XAMPP Mod Security Setup – OWASP ModSecurity Core Rule Set setup
OWASP ModSecurity CRS testing, troubleshooting, solutions and pending redesign work for the BPS and BPS Pro Plugins: Major Redesign|ModSecurity CRS Proofing: The OWASP ModSecurity Core Rule Set...
View ArticleRoyal Mail Click and Drop – 403 error
I’m trying to integrate a postal service (Royal Mail, Click and Drop) with Woocommerce. Clicking the link RM provide to do this I get an error page: xxxxxxx.com 403 Forbidden Error Page If you arrived...
View ArticleReply To: Royal Mail Click and Drop – 403 error
The Query String is simulating an RFI hacking attempt, which is being blocked. 1. Copy the modified BPS Query String Exploits code below into this BPS Root Custom Code text box: 12. CUSTOM CODE...
View ArticleReply To: Redis Not Connecting After BP Pro Setup
Check your BPS Security Log for a log entry that shows what is being blocked in Redis/Litespeed plugin and post the Security Log entry in your forum reply. Have you done any BPS Pro troubleshooting...
View ArticlePopup Maker plugin being flagged with 403
Hi guys, I’ve just upgraded to pro and have an issue with the popup maker plugin triggering a 403 pretty much every time someone opens a page on my site: [403 GET Request: 28th August 2019 - 3:37 pm]...
View ArticleMotopress Hotel Booking – 403 error – Whitelist Rule required
I’ve searched for a solution in the forum, but couldn’t find any Skip/Bypass rule for this pluging. This is the security log: [403 GET Request: 28th August 2019 - 5:32 pm] BPS Pro: 14.1 WP: 5.2.2...
View Article