Thread Starter
mrppp
(@mrppp)
Found this will do a search
Solution: There are 2 relevant fields to check for Event Code: WPADMIN-SBR.. The HTTP_REFERER and REQUEST_URI logging fields. If the Referer or Request URI has /wp-admin/ in the path then these are things that are being blocked by BPS in the wp-admin .htaccess file and a Skip/Bypass rule needs to be created for the wp-admin .htaccess file by adding it to BPS Custom Code. Typically either a wp-admin file needs to be whitelisted in the Skip/Bypass rule or a Query String needs to be whitelisted. Searching the Forum will produce any documented solutions for wp-admin Skip/Bypass rules by searching using the plugin’s name as the search word/term.
Can’t see anything, as mine is not a plugin it is HTTP_REFERER: http://www.xxxxxxx.co.uk/wp-admin/admin.php
Plugin Author
AITpro
(@aitpro)
The SERVER_PROTOCOL is HTTP/1.0. If you are using the BPS Server Protocol Brute Force Login page protection bonus code then you will have to remove/delete it or upgrade your Proxy software and configure it to use the new Server Protocol as of 1999 – 15 years ago – HTTP/1.1.
This is the same issue/problem that you posted in this thread: https://wordpress.org/support/topic/brute-force-login?replies=16
Thread Starter
mrppp
(@mrppp)
But i,m not using it, i have removed it, and i only had the server based one not the ip based one
The server based one works on another site with same set up
# BRUTE FORCE LOGIN PAGE PROTECTION
# Protects the Login page from SpamBots, HackerBots & Proxies
# that use Server Protocol HTTP/1.0 or a blank User Agent
RewriteCond %{REQUEST_URI} ^(/wp-login\.php|.*wp-login\.php.*)$
RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
RewriteCond %{THE_REQUEST} HTTP/1\.0$ [OR]
RewriteCond %{SERVER_PROTOCOL} HTTP/1\.0$
RewriteRule ^(.*)$ - [F,L]
Should that one work with that protocol? even though i have removed it
Plugin Author
AITpro
(@aitpro)
The code above blocks the old HTTP/1.0 Server Protocol since hackers and spammers use the old Server Protocol to do nasty things that they cannot do with the new Server Protocol HTTP/1.1. You would either need to not use the code above or upgrade your Proxy and configure it to use the new Server Protocol HTTP/1.1.
Thread Starter
mrppp
(@mrppp)
right ok, i got confused then, i thought it was only when using an ip.
Thread Starter
mrppp
(@mrppp)
AIT for your info. in custom code the link to speed test goes here got an” after /
Plugin Author
AITpro
(@aitpro)
Where did you find that bad link?
Thread Starter
mrppp
(@mrppp)
custom code-root htaccess-CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE Speed Boost Cache Code here
Plugin Author
AITpro
(@aitpro)
Ah ok I see it now. I will create a redirect for the bad link. Thanks for reporting that.
Plugin Author
AITpro
(@aitpro)
Probably, but your Proxy is using HTTP/1.0
HTTP_X_FORWARDED_FOR: xxx.xxx.113.174 means that you are using a Proxy.
