WordPress.org

Ready to get started?Download WordPress

Forums

iThemes Security (formerly Better WP Security)
Having URL preview problems in LinkedIn? Bot Blacklist is blocking them! (8 posts)

  1. jeromeparadis
    Member
    Posted 1 year ago #

    Hello,

    I had multiple sites (in WordPress multisite) where the URL preview wasn't working on LinkedIn: I was only seeing the blog's domain name as the title and URL. Previews were working fine on Facebook and other social platforms.

    After days of trying to pinpoint the issue after migrating some blogs and changing my WordPress security plugin to Better WP Security, I finally found that LinkedIn was blocked and Apache was returning an HTTP 403 error.

    After investigating, I noticed it is due to activating the "Enable Default Banned List" feature in the "Ban" section of the Better WP Security plugin.

    To deactivate this feature, it isn't too intuitive: you need to uncheck the checkbox and click "Add Host and Agent Blacklist". Otherwise, clicking "Save changes" at the bottom of this page doesn't do anything.

    I hope this will save days of hair pulling to others.

    Cheers.

    http://wordpress.org/extend/plugins/better-wp-security/

  2. John3121
    Member
    Posted 11 months ago #

    Thank you very much for this solution! You really saved me a lot of time!

    From my point of view, completely disabling the banlist may not be very secure. So I’ve done some research and found out that the following lines are blocking LinkedIn bot.

    RewriteCond %{HTTP_USER_AGENT} libwww [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} libwww-perl [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Link [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} LinksManager.com_bot [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} linkwalker [NC,OR]

    I propose to turn on the "Enable Default Banned List" option and then manually remove the following code from .htaccess file. (The “Remove write permissions from .htaccess and wp-config.php” should be disabled before editing). This solution works for me and it would be great if someone could check it too.

    I read a lot of information and realized that the problem with the incorrect link preview in LinkedIn is very popular. Many people (including me) were not even aware that it may be caused by security measures in WordPress CMS. Therefore, I would like to ask the Better WP Security author to make some changes in the next releases or investigate this problem and include the solution to the FAQ.

  3. webcreative
    Member
    Posted 10 months ago #

    Thanks for this reply John.

    But doesn't this create a security loophole if these useragents are removed from the banned list?

    Also doesn't the plugin re-add them when upgraded, deactivated and Reactivated or reconfigured?

    Thanks

  4. jamieflashpoint
    Member
    Posted 8 months ago #

    This helped me too, thanks a million!

  5. realtech
    Member
    Posted 4 months ago #

    It would be very cool if there was a whitelist ability in that section of the settings....

  6. The Hack Repair Guy
    Member
    Posted 3 months ago #

    Which specific bot does LinkedIn report as?

    I notice you listed a number of them.
    RewriteCond %{HTTP_USER_AGENT} libwww [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} libwww-perl [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Link [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} LinksManager.com_bot [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} linkwalker [NC,OR]

    of which I know at least two are not LinkIn.

    Would be helpful if someone with LinkedIn experience can pinpoint this for me, so I work to update the Default Banned List appropriately.

  7. The Hack Repair Guy
    Member
    Posted 3 months ago #

    Ok, I found the Linkedin bot name:
    "LinkedInBot

    This line within the ban list prevents LinkedIn from properly grabbing a preview:
    RewriteCond %{HTTP_USER_AGENT} ^Link [NC,OR]

    I will work to have the removed in future updates.

  8. DragNfLy
    Member
    Posted 1 month ago #

    Any progress on this as the above work-around does not work for me.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic