Support » Plugin: BulletProof Security » Custom 403 page

  • Resolved digbymaass

    (@digbymaass)


    I had no idea that an apostrophe in the search widget would trigger a 403 page, and the BPS 403 page gives no clue that will happen.

    Is it possible (or advisable/not advisable) to copy and edit the 403.php file, place it elsewhere, then edit the path in the root htaccess file –

    ErrorDocument 403 /wp-content/plugins/bulletproof-security/403.php

    – to point to the edited file?

    The page I need help with: [log in to see the link]

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Author AITpro

    (@aitpro)

    You can allow apostrophe’s/single quote code characters in search forms. Unfortunately. most search forms allow apostrophes/single quote code characters instead of stripping them out.

    Solution for allowing apostrophe’s/single quote code characters in search forms on the frontend of your website: http://forum.ait-pro.com/forums/topic/apostrophe-single-quote-code-character/#post-6939

    Solution for allowing apostrophe’s/single quote code characters in search forms on the backend of your website: http://forum.ait-pro.com/forums/topic/search-string-403-error/#post-14372

    • This reply was modified 7 months, 2 weeks ago by AITpro.

    Thanks! That worked. Though I’d still quite like to know the answer to adapting the 403 error page (without making an html one, which is the solution on the help page).

    • This reply was modified 7 months, 2 weeks ago by digbymaass.
    Plugin Author AITpro

    (@aitpro)

    If you want to customize the BPS 403 template page you would edit the /wp-content/plugins/bulletproof-security/403.php file. You can add/edit/change text and styling. Note: Make a backup copy of the BPS 403 template file since when you upgrade BPS the BPS 403 template file will be deleted by the WordPress plugin installation and a new BPS 403 template file will be added by the the WordPress plugin installation.

    • This reply was modified 7 months, 2 weeks ago by AITpro.

    Yes I realise the file would be overwritten on an update; that’s why I was wondering if putting it elsewhere and editing the file path would be ok (see first post)

    Plugin Author AITpro

    (@aitpro)

    Yes, you can put the 403.php Security Logging template file somewhere else. You would need to make 1 edit in the 403.php file.

    Change this code:

    if ( file_exists( dirname(dirname(dirname(dirname(__FILE__)))) . '/wp-load.php' ) ) {
    	require_once('../../../wp-load.php');
    }

    To this code:

    if ( file_exists( dirname(dirname(dirname(dirname(__FILE__)))) . '/wp-load.php' ) ) {
    	require_once('../../../wp-load.php');
    } elseif ( file_exists( dirname(dirname(__FILE__)) . '/wp-load.php' ) ) {
    	require_once('../wp-load.php');
    } elseif ( file_exists( dirname(__FILE__) . '/wp-load.php' ) ) {
    	require_once('wp-load.php');
    } else {
    	// do nothing
    }

    Assuming you copy the 403.php to your WordPress installation folder (same folder where the wp-config.php file is) you would copy this edited BPS PRO ERROR LOGGING AND TRACKING htaccess code below to this BPS Root Custom Code text box: 5. CUSTOM CODE ERROR LOGGING AND TRACKING, click the Save Root Custom Code button and click the Root Folder BulletProof Mode Activate button on the Security Modes tab page.

    # BPS PRO ERROR LOGGING AND TRACKING
    # Use BPS Custom Code to modify/edit/change this code and to save it permanently.
    # BPS Pro has premade 400 Bad Request, 403 Forbidden, 404 Not Found, 405 Method Not Allowed and 
    # 410 Gone template logging files that are used to track and log 400, 403, 404, 405 and 410 errors 
    # that occur on your website. When a hacker attempts to hack your website the hackers IP address, 
    # Host name, Request Method, Referering link, the file name or requested resource, the user agent 
    # of the hacker and the query string used in the hack attempt are logged.
    # All BPS Pro log files are htaccess protected so that only you can view them. 
    # The 400.php, 403.php, 404.php, 405.php and 410.php files are located in /wp-content/plugins/bulletproof-security/
    # The 400, 403, 405 and 410 Error logging files are already set up and will automatically start logging errors
    # after you install BPS Pro and have activated BulletProof Mode for your Root folder.
    # If you would like to log 404 errors you will need to copy the logging code in the BPS Pro 404.php file
    # to your Theme's 404.php template file. Simple instructions are included in the BPS Pro 404.php file.
    # You can open the BPS Pro 404.php file using the WP Plugins Editor or by using the BPS Pro File Manager.
    # NOTE: By default WordPress automatically looks in your Theme's folder for a 404.php Theme template file.
    
    ErrorDocument 400 /wp-content/plugins/bulletproof-security/400.php
    ErrorDocument 401 default
    ErrorDocument 403 /403.php
    ErrorDocument 404 /404.php
    ErrorDocument 405 /wp-content/plugins/bulletproof-security/405.php
    ErrorDocument 410 /wp-content/plugins/bulletproof-security/410.php

    Thank you!

    Plugin Author AITpro

    (@aitpro)

    Assuming all questions have been answered – the thread has been resolved. If the issue/problem is not resolved or you have additional questions about this specific thread topic then you can post them at any time. We still receive email notifications when threads have been resolved.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Custom 403 page’ is closed to new replies.