Support » Plugin: BulletProof Security » Broken Link Checker plugin HEAD Request Method filter problem detected

Viewing 15 replies - 1 through 15 (of 30 total)
  • Plugin Author AITpro

    (@aitpro)

    If you are still seeing the Notice then you did not complete all of the Custom Code steps. The check is done by looking at 2 things:
    1. is the BLC plugin installed and activated
    2. is the HEAD Request string in your root .htaccess file. If you have other non-BPS .htaccess code in your root .htaccess file and it matches this pattern “HEAD|TRACE|DELETE|TRACK|DEBUG” then the notice will still be displayed.

    if ( $return_var == 1 && !strpos($check_string, "HEAD|TRACE|DELETE|TRACK|DEBUG") ) { // 1 equals active
    		return;
    	}
    
    	if ( $return_var == 1 && strpos($check_string, "HEAD|TRACE|DELETE|TRACK|DEBUG") ) {
    Thread Starter leejosepho

    (@leejosepho)

    I did a search and found all of this together where I had manually added the new part:

    # REQUEST METHODS FILTERED
    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK|DEBUG) [NC]
    RewriteRule ^(.*)$ - [F,L]
    
    ## The TRACE, DELETE, TRACK and DEBUG request methods should never be allowed against your website.
    # ref http://forum.ait-pro.com/forums/topic/broken-link-checker-plugin-403-error/
    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]
    RewriteRule ^(.*)$ - [F,L]

    If you might get me straightened out here, I will let BPS do that from now on!

    Plugin Author AITpro

    (@aitpro)

    Yep it is simpler to just let Custom Code handle this. So add your Custom Code to the correct Custom Code text box, click the Save Root Custom Code button, go to the Security Modes page, click the Create secure.htaccess File AutoMagic button and activate Root Folder BulletProof Mode again.

    http://forum.ait-pro.com/forums/topic/broken-link-checker-plugin-403-error/

    Thread Starter leejosepho

    (@leejosepho)

    Now that I understand exactly which button does what and where and how and all of that, I will begin at the very beginning and let BPS do it all from “square one”!

    Many thanks.

    Thread Starter leejosepho

    (@leejosepho)

    Okay, so I am at this part:

    “CUSTOM CODE REQUEST METHODS FILTERED: Whitelist User Agents or remove HEAD here
    You MUST copy and paste the entire REQUEST METHODS FILTERED section of code from your root .htaccess file into this text box first…”

    I know how to do that, but then what do I do here?

    “You can then edit and modify the code in this text window and save your changes.”

    Do I replace the previous with this?
    http://forum.ait-pro.com/forums/topic/broken-link-checker-plugin-403-error/

    Plugin Author AITpro

    (@aitpro)

    In this particular case the “edits” to the code have already been done. You are just copying and pasting that edited code that we already created here: http://forum.ait-pro.com/forums/topic/broken-link-checker-plugin-403-error/ into the Custom Code text box and doing the rest of the Custom Code steps. Whatever you save to a Custom Code text box is that code that will be written to your root .htaccess file so whatever code you want in your root .htaccess file is the code you will be saving to Custom Code.

    Thread Starter leejosepho

    (@leejosepho)

    Whatever you save to a Custom Code text box is that code that will be written to your root .htaccess file so whatever code you want in your root .htaccess file is the code you will be saving to Custom Code.

    Yes, and it has all worked perfectly just like that.

    Many thanks.

    I have some additional questions about how htaccess works at my sites while I am doing a manual WordPress upgrade, and I will summarize all of that so you can take a look and see what you think might be going on. I am putting up an HTML “Maintenance Mode” page, and something somewhere is acting differently at one BlueHost account and another where each has the primary domain in a sub-folder and one account has two additional sub-domains.

    Plugin Author AITpro

    (@aitpro)

    Ok will answer those questions on Monday. We are officially closed as of 3 minutes ago. have a good one!

    Thread Starter leejosepho

    (@leejosepho)

    Okay, here is what I have:

    ### Server Account A
    public_html/.htaccess (pointing *only* to primary.domain)
    >> primarydomain/.htaccess (full BPS file) for http://primary.domain/
    >>>> /index.html (for Maintenance Mode)
    >> add-on1domain/.htaccess (full BPS file) for http://add-on1.domain/
    >>>> /index.html (for Maintenance Mode)
    >> add-on2domain/.htaccess (full BPS file) for http://add-on2.domain/
    >>>> /index.html (for Maintenance Mode)
    ###

    ### Server Account B
    public_html/.htaccess (pointing to primary.domain)
    >> primarydomain/.htaccess (full BPS file) for http://primary.domain/
    >>>> /wp-maintenance/index.html (for Maintenance Mode)
    >> add-on1domain (not currently in use)
    ###

    To individually put an add-onX.domain in Maintenance Mode, I disable (rename) its own folder’s index.php file for the duration.

    To put Server Account A primary.domain in Maintenance Mode, I switch the following lines in Server Account A’s public_html/.htaccess:

    ## this next line is for Normal Mode
    #RewriteRule ^(/)?$ primarydomain/index.php [L]
    ## this next line is for Maintenance Mode
    RewriteRule ^(/)?$ primarydomain/index.html [L]

    But to put Server Account B primary.domain in Maintenance Mode, I have to copy index.html into the primarydomain folder since I cannot just leave it there all the time like I can at Server Account A.

    The only thing that is different between public_html/.htaccess at Server Account A and Server Account B is that Server Account B’s public_html/.htaccess file does *not* include this line:

    AddHandler application/x-httpd-php53s .php

    Question: Is that why I cannot leave the “Maintenance Mode” index.html file in Server Account B’s primarydomain folder all the time like I can at Server Account A?

    Plugin Author AITpro

    (@aitpro)

    We have found a much simpler method to put a site in Maintenance Mode. This new method will be added to a later version of BPS. To manually use this method see this Forum link below.

    http://forum.ait-pro.com/forums/topic/maintenance-mode-in-gwiod-website/#post-8506

    Thread Starter leejosepho

    (@leejosepho)

    That would not work for me since /wordpress/wp-blog-header.php would not even exist during a manual upgrade.

    Plugin Author AITpro

    (@aitpro)

    Yes, you are correct. If you are doing a manual upgrade then there would be nothing to put in maintenance mode.

    Plugin Author AITpro

    (@aitpro)

    Also some basic info about index files. A Server will automatically look for an index file by default and load it if it exists. Either index.php, index.html or index.htm.

    Plugin Author AITpro

    (@aitpro)

    If you use another naming convention other than index.xxx then you can create .htaccess code to turn this file on or off without the Server automatically loading the file.

    Example: maintenance.php or maintenance.html

    Thread Starter leejosepho

    (@leejosepho)

    A Server will automatically look for an index file by default and load it if it exists. Either index.php, index.html or index.htm.

    If my Server Account A and Server Account B acted the same way, I would make use of that. But as things are, one acts differently than the other.

Viewing 15 replies - 1 through 15 (of 30 total)
  • The topic ‘Broken Link Checker plugin HEAD Request Method filter problem detected’ is closed to new replies.