Title: 403 Errors Last modified: August 20, 2016 --- # 403 Errors * Resolved [chrishtf](https://wordpress.org/support/users/chrishtf/) * (@chrishtf) * [13 years, 3 months ago](https://wordpress.org/support/topic/403-errors-2/) * Hey * I’ve recently been getting constant message my Security Log is becoming large and when I checked I’ve been getting regular 403 errors. Here’s a bit from the log * ``` >>>>>>>>>>> 403 Error Logged - February 2, 2013 - 6:10 pm <<<<<<<<<<< REMOTE_ADDR: 66.220.152.5 Host Name: out-ar5.tfbnw.net HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/2011/12/DJ-Chamber-HTF.jpg QUERY_STRING: HTTP_USER_AGENT: facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php) >>>>>>>>>>> 403 Error Logged - February 2, 2013 - 6:10 pm <<<<<<<<<<< REMOTE_ADDR: 66.220.152.2 Host Name: out-ar2.tfbnw.net HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/2011/11/Troumaca.jpg QUERY_STRING: HTTP_USER_AGENT: facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php) >>>>>>>>>>> 403 Error Logged - February 2, 2013 - 6:10 pm <<<<<<<<<<< REMOTE_ADDR: 66.220.152.0 Host Name: 66.220.152.0 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/2013/01/Karma-Party-Tour.jpg QUERY_STRING: HTTP_USER_AGENT: facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php) >>>>>>>>>>> 403 Error Logged - February 2, 2013 - 6:10 pm <<<<<<<<<<< REMOTE_ADDR: 66.220.152.4 Host Name: out-ar4.tfbnw.net HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/2012/04/20120416-191116.jpg QUERY_STRING: HTTP_USER_AGENT: facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php) >>>>>>>>>>> 403 Error Logged - February 2, 2013 - 6:10 pm <<<<<<<<<<< REMOTE_ADDR: 66.220.152.2 Host Name: out-ar2.tfbnw.net HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/sociable/images/more.png QUERY_STRING: HTTP_USER_AGENT: facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php) >>>>>>>>>>> 403 Error Logged - February 2, 2013 - 6:10 pm <<<<<<<<<<< REMOTE_ADDR: 66.220.152.5 Host Name: out-ar5.tfbnw.net HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/2012/03/achal.jpg QUERY_STRING: HTTP_USER_AGENT: facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php) >>>>>>>>>>> 403 Error Logged - February 2, 2013 - 6:10 pm <<<<<<<<<<< REMOTE_ADDR: 66.220.152.7 Host Name: out-ar7.tfbnw.net HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/2011/10/131445_500446317776_33761052776_5647685_3713449_o1.jpg QUERY_STRING: HTTP_USER_AGENT: facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php) >>>>>>>>>>> 403 Error Logged - February 2, 2013 - 6:10 pm <<<<<<<<<<< REMOTE_ADDR: 66.220.152.6 Host Name: out-ar6.tfbnw.net HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/2011/12/bison.jpg QUERY_STRING: HTTP_USER_AGENT: facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php) >>>>>>>>>>> 403 Error Logged - February 2, 2013 - 6:10 pm <<<<<<<<<<< REMOTE_ADDR: 66.220.152.6 Host Name: out-ar6.tfbnw.net HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/2011/10/love-sick.jpg QUERY_STRING: HTTP_USER_AGENT: facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php) >>>>>>>>>>> 403 Error Logged - February 2, 2013 - 6:10 pm <<<<<<<<<<< REMOTE_ADDR: 66.220.152.3 Host Name: out-ar3.tfbnw.net HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/plugins/sociable/images/closelabel.png QUERY_STRING: HTTP_USER_AGENT: facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php) >>>>>>>>>>> 403 Error Logged - February 2, 2013 - 6:10 pm <<<<<<<<<<< REMOTE_ADDR: 66.220.152.6 Host Name: out-ar6.tfbnw.net HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/2012/02/20120220-213452.jpg QUERY_STRING: HTTP_USER_AGENT: facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php) >>>>>>>>>>> 403 Error Logged - February 2, 2013 - 6:10 pm <<<<<<<<<<< REMOTE_ADDR: 66.220.152.4 Host Name: out-ar4.tfbnw.net HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/2012/04/20120406-213014.jpg QUERY_STRING: HTTP_USER_AGENT: facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php) >>>>>>>>>>> 403 Error Logged - February 2, 2013 - 6:10 pm <<<<<<<<<<< REMOTE_ADDR: 66.220.152.5 Host Name: out-ar5.tfbnw.net HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/uploads/2012/04/20120416-192154.jpg QUERY_STRING: HTTP_USER_AGENT: facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php) >>>>>>>>>>> 403 Error Logged - February 2, 2013 - 6:10 pm <<<<<<<<<<< REMOTE_ADDR: 72.30.142.221 Host Name: llf531060.crawl.yahoo.net HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /electronic/interview-kate-mcrae-htf-exclusive QUERY_STRING: HTTP_USER_AGENT: NING/1.0 ``` * Any ideas why this would be? * Site is [http://www.hitthefloor.co.uk](http://www.hitthefloor.co.uk) * Any help would be awesome x * [http://wordpress.org/extend/plugins/bulletproof-security/](http://wordpress.org/extend/plugins/bulletproof-security/) Viewing 8 replies - 16 through 23 (of 23 total) [←](https://wordpress.org/support/topic/403-errors-2/?output_format=md) [1](https://wordpress.org/support/topic/403-errors-2/?output_format=md) 2 * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [13 years, 3 months ago](https://wordpress.org/support/topic/403-errors-2/page/2/#post-3428663) * And this one is good for a laugh. The MSN bot is trying to hack your website. LOL I once had the Google bot try to hack my site for a few days. LOL obviously this is not the real MSN Bot. IP addresses, Host names and User Agents can be very easily faked. And this hacker is faking the MSN bot when looking for a timthumb file to exploit. 😉 * ``` >>>>>>>>>>> 403 Error Logged - February 4, 2013 - 11:28 pm <<<<<<<<<<< REMOTE_ADDR: 131.253.24.4 Host Name: msnbot-131-253-24-4.search.msn.com HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-content/themes/magazinum/functions/theme/thumb.php?src=http://www.hitthefloor.co.uk/wp-content/uploads/2012/02/F9-520x325.jpg&w=225&h=Yes&zc=1&a=c QUERY_STRING: HTTP_USER_AGENT: msnbot-media/1.1 (+http://search.msn.com/msnbot.htm) ``` * Thread Starter [chrishtf](https://wordpress.org/support/users/chrishtf/) * (@chrishtf) * [13 years, 3 months ago](https://wordpress.org/support/topic/403-errors-2/page/2/#post-3428687) * It’s all one site. It’s a wordpress install on domain [http://www.hitthefloor.co.uk](http://www.hitthefloor.co.uk) * The actual server itself its hosted on is registered as [http://www.sywp.co.uk](http://www.sywp.co.uk) as there are a few other sites on the same server if that’s what u meant 🙂 * Is there anything I could get my webhosts to look at maybe? They were just confused last time they had a look lol * Also wud u advise against using Minify then? is it not good for the site? * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [13 years, 3 months ago](https://wordpress.org/support/topic/403-errors-2/page/2/#post-3428691) * Ok so /blog is just a designated blog page then and not a completely separate WordPress site correct? * I guess you could have your Host check the Server Logs for additional clues, but i doubt it would tell them anything more useful. * Ok here is the overall deal. Images display fine on your site, everything is working fine on your site and you can HotLink to images. The logged events pertaining to image files may be things like this: * Someone is attempting to scrape, mirror, copy, download, etc your entire site and images and they are faking that they are the facebook bot. Remember that IP addresses, Host Names and User Agents can all be very easily faked. * Or maybe you have some kind of facebook plugin installed that is doing something to cause the errors. Or maybe your Themes would have something to do with this? Do the standard WordPress troubleshooting steps. * 1. deactivate plugins one by one and test 2. switch to the WordPress 2012 theme to test. * The big picture: * In your log file that you posted I see that BPS blocked/stopped several common hacking attempts on your website. The image file errors are only a nuisance and are not causing any problems. So try the WordPress troubleshooting steps and see what happens. Another possibility is that they will just stop all of a sudden if it has to do with mirroring, scraping, etc. * I personally do not use Minify plugins because i have several very critical scripts that need to be 100% intact and not minified. If these critical scripts are minified then they lose coding safeguard checks. So it is up to you. Most likely it would not be an issue for you so it is fine to use a Minify plugin on your site. * And also the image errors could be caused by your minifying plugin. So when you do the standard WordPress troubleshooting steps then you would be eliminating your Minify plugin as well as the cause of the problem. * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [13 years, 3 months ago](https://wordpress.org/support/topic/403-errors-2/page/2/#post-3428692) * Also this Forum post puts things in perspective regarding what matters and what does not matter in regards to logged events: * [http://forum.ait-pro.com/forums/topic/security-log-security-log-403-errors/#post-1694](http://forum.ait-pro.com/forums/topic/security-log-security-log-403-errors/#post-1694) * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [13 years, 3 months ago](https://wordpress.org/support/topic/403-errors-2/page/2/#post-3428711) * Did you try the standard WordPress troubleshooting steps? * 1. deactivate plugins one by one and test 2. switch to the WordPress 2012 theme to test. * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [13 years, 3 months ago](https://wordpress.org/support/topic/403-errors-2/page/2/#post-3428726) * Working on this over here now >>> [http://wordpress.org/support/topic/linkchecker-and-other-legit-bots-are-broken?replies=8](http://wordpress.org/support/topic/linkchecker-and-other-legit-bots-are-broken?replies=8) * Will post my findings/solution there. * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [13 years, 3 months ago](https://wordpress.org/support/topic/403-errors-2/page/2/#post-3428727) * deleted posted in the wrong thread… * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [13 years, 3 months ago](https://wordpress.org/support/topic/403-errors-2/page/2/#post-3428742) * resolving this Thread. This issue is being worked on in this thread >>> [http://wordpress.org/support/topic/linkchecker-and-other-legit-bots-are-broken?replies=8](http://wordpress.org/support/topic/linkchecker-and-other-legit-bots-are-broken?replies=8) * This issue is a nuisance issue and does not have a negative impact or block anything important. It has still not been determined if BPS is the source of the facebook 206 error. pending further investigation / testing. Viewing 8 replies - 16 through 23 (of 23 total) [←](https://wordpress.org/support/topic/403-errors-2/?output_format=md) [1](https://wordpress.org/support/topic/403-errors-2/?output_format=md) 2 The topic ‘403 Errors’ is closed to new replies. * ![](https://ps.w.org/bulletproof-security/assets/icon-128x128.png?rev=1731938) * [BulletProof Security](https://wordpress.org/plugins/bulletproof-security/) * [Support Threads](https://wordpress.org/support/plugin/bulletproof-security/) * [Active Topics](https://wordpress.org/support/plugin/bulletproof-security/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/bulletproof-security/unresolved/) * [Reviews](https://wordpress.org/support/plugin/bulletproof-security/reviews/) * 23 replies * 3 participants * Last reply from: [AITpro](https://wordpress.org/support/users/aitpro/) * Last activity: [13 years, 3 months ago](https://wordpress.org/support/topic/403-errors-2/page/2/#post-3428742) * Status: resolved