WordPress.org

Ready to get started?Download WordPress

Forums

BulletProof Security
[resolved] Conflict with thirstyaffiliate features! (13 posts)

  1. Arafin Shaon
    Blocked
    Posted 1 year ago #

    I’m a big fan of your plugin. After installing it I found that Thirstyaffiliate’s post box popup window stopped working. If I deactivated you plugin it starts working again. Look at the following image

    http://i.stack.imgur.com/G41ky.png

    Any solution for me :(

    http://wordpress.org/extend/plugins/bulletproof-security/

  2. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Try a plugin skip/bypass rule in your root .htaccess file and let me know if this works. If this skip/bypass rule works then add it to BPS Custom Code plugin fixes.

    # Thirstyaffiliates skip/bypass rule
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/thirstyaffiliates/ [NC]
    RewriteRule . - [S=13]

    Also check your BPS Security Log file for the logged error and post it back here.

  3. jkohlbach
    Member
    Posted 1 year ago #

    Thanks AITpro, I'll put something in our FAQ as well.

    Cheers,

    Josh Kohlbach
    ThirstyAffiliates

  4. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    I assume it worked then? I have not actually tested this myself. Please confirm that it is a working solution. Thanks.

  5. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    To test this skip/bypass rule: Copy this .htaccess code to the BPS Custom Code CUSTOM CODE PLUGIN FIXES: text box, save your changes, click the secure.htaccess AutoMagic button and then activate BulletProof Mode for your Root folder.

    # Thirstyaffiliates skip/bypass rule
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/thirstyaffiliates/ [NC]
    RewriteRule . - [S=13]
  6. Arafin Shaon
    Blocked
    Posted 1 year ago #

    still not working mate :(

    displaying same message.........

    You don't have permission to access /wp-content/plugins/thirstyaffiliates/ThirstyLinkPicker.php on this server.

  7. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Are you seeing a logged error in your BPS Security Log file?

    Since this is a premium plugin I do not have a copy of it to test with. I do not know exactly what the thirsty affiliates plugin is doing so I have very little information to troubleshoot with and can only offer general fixes to try.

    The next logical general "fix" to try would be to add (whitelist) the ThirstyLinkPicker.php file name in this Miscellaneous file skip/bypass rule in your root .htaccess file as shown below.

    # TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE
    # Only Allow Internal File Requests From Your Website
    # To Allow Additional Websites Access to a File Use [OR] as shown below.
    # RewriteCond %{HTTP_REFERER} ^.*YourWebsite.com.* [OR]
    # RewriteCond %{HTTP_REFERER} ^.*AnotherWebsite.com.*
    RewriteCond %{QUERY_STRING} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC,OR]
    RewriteCond %{THE_REQUEST} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC]
    RewriteRule .* index.php [F,L]
    RewriteCond %{REQUEST_URI} (ThirstyLinkPicker\.php|timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC]
    RewriteCond %{HTTP_REFERER} ^.*your-domain-should-already-be-here.com.*
    RewriteRule . - [S=1]
  8. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Did this work? Thanks.

  9. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Did this work? Thanks.

  10. Arafin Shaon
    Blocked
    Posted 1 year ago #

    Bad luck continues :( Didn’t work this time as well. I think you got to check the plugin yourself. Here is its nulled copy uploaded by someone. & I'm seeing no logged error message into BPS Security Log file.

    my site URL www . how2blog . in

    tnx

  11. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Yep without any facts or details of what is actually occurring then I can only make logical guesses at what is happening.

    I just checked your website and the css is all screwed up - your site is not displaying correctly. Looks like you are minifying your scripts and code. This is a very bad idea for many reasons. The most critical reason is that when you minify scripts you can actually negate the security coding checks in the original code. If you are going to minify scripts on your site then you need to check each of the scripts carefully that you are minifying for any NEW security vulnerabilities caused by minifying them.

    I will contact the Thirsty Affiliates folks and see if they have a demo copy that I can troubleshoot with.

  12. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    I have contacted ThirstyAffiliates and am waiting for a reply. Thank you.

  13. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Josh from ThirstyAffiliates sent me a demo copy of the ThirstyAffiliates plugin for testing purposes.

    Testing Results: The skip/bypass rule I posted above DOES resolve the issue/problem.

    If this skip/bypass rule is not working for you then these would be the possible reasons why it did not work for you.

    1. You have a subfolder installation of WordPress and you did not add your WordPress subfolder name in the path. Example: /my-wordress-installation-folder-name/wp-content/plugins/thirstyaffiliates/

    2. You Added this skip/bypass rule to BPS Custom Code, but you did not save your changes/this code or you did not click the AutoMagic buttons or your did not activate Root BulletProof Mode again.

    # Thirstyaffiliates skip/bypass rule
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/thirstyaffiliates/ [NC]
    RewriteRule . - [S=13]

    Copy this .htaccess code (if your WordPress installation is in a subfolder then add your WordPress subfolder name in the path) to the BPS Custom Code CUSTOM CODE PLUGIN FIXES: text box, save your changes, click the secure.htaccess AutoMagic button and then activate BulletProof Mode for your Root folder.

    # Thirstyaffiliates skip/bypass rule
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/thirstyaffiliates/ [NC]
    RewriteRule . - [S=13]

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic