Support » Plugin: BulletProof Security » Does this work with IP Geo Block ?

Viewing 14 replies - 1 through 14 (of 14 total)
  • Plugin Author AITpro

    (@aitpro)

    You can unlock your Root htaccess file on the htaccess Core > htaccess File Editor tab page to allow IP Geo Block to write to your root htaccess file. CAUTION: I assume IP Geo Block creates htaccess code in your root htaccess file. So you need to figure out which IP Geo Block code is redundant to BPS root htaccess code and then only use IP Geo Block htaccess code that is not redundant to BPS root htaccess code and save that IP Geo Block htaccess code to BPS Root Custom Code. See the BPS Custom Code steps below.

    Root htaccess File Custom Code Setup Steps
    1. Add your custom code in the appropriate Root Custom Code text box.
    2. Click the Save Root Custom Code button to save your Root custom code.
    3. Go to the Security Modes page and click the Root Folder BulletProof Mode Activate button.

    Thanks for your fast reply! Of course I can check this out. One other question is if I really need an extra Country blocking plugin with your plugin already there? What do you think?

    Plugin Author AITpro

    (@aitpro)

    [deleted – information not valid]

    Plugin Author AITpro

    (@aitpro)

    [deleted – information not valid]

    Plugin Author AITpro

    (@aitpro)

    Disregard my previous replies. I was testing another plugin at the same time and it created the Bad Bot code. I am unable to test the IP Geo Block plugin on a Local Development server. Apparently this plugin does not work on Local Dev servers. So use my orginal reply information to figure out what IP Geo Block htaccess code goes where in BPS Custom Code.

    Plugin Author AITpro

    (@aitpro)

    I installed and tested the IP Geo Block plugin on a Live Hosted server and did not see the “cannot write to the htaccess file.” error message. The IP Geo Block plugin did not create any htaccess code in the root htaccess file when i tested both whitelist and blacklist. So since the error message is displayed on Local Development server with ip address: 127.0.0.1 then I assume you are testing on a Local Dev server. Also I have no idea why this plugin is checking the root htaccess file writing capability if this plugin does not create any htaccess code. The only logical explanation I can think of is this plugin checks to see if you are using WordPress Rewrite code and is not stating that clearly.

    Plugin Author AITpro

    (@aitpro)

    Ok I found what htaccess code this plugin would create, but it looks like the IP Geo Block plugin author removed that capability or it is a fallback if something else does not work.

    * **New feature:** Added configure of .htaccess for the plugins/themes area.

    When i enable these settings and test several settings nothing happens:
    Plugins area
    Themes area

    When i check the file where this code is supposed to do something it is commented out: /ip-geo-block/rewrite.php

    So I assume the plugin author decided not to allow/use these htaccess writing options and just forgot to remove his htaccess file writing error check. This plugin does not appear to create any htaccess code.

    Plugin Author AITpro

    (@aitpro)

    YIKES!!! This plugin is using the exec() function. The exec() function is going to be disabled on 90% of hosts worldwide since this is a very dangerous php function that is not allowed/is disabled on most web hosts.

    IP_Geo_Block_Rewrite::exec(
    	IP_Geo_Block::get_instance(),
    	IP_Geo_Block::get_geolocation(),
    	IP_Geo_Block::get_option( 'settings' )
    )
    Plugin Author AITpro

    (@aitpro)

    Ok so what is going on is this. Since my web host has disabled the exec() function for security reasons then the IP Geo Block plugin is not allowed to create htaccess code and is being blocked by my web host. The IP Geo Block plugin does actually create this htaccess code, if your host server is not disabling/blocking the IP Geo Block plugin’s exec() function. Most web hosts will block this and not allow the IP Geo Block plugin to create this htaccess code using the very dangerous exec() function.

    // template of rewrite rule in wp-content/(plugins|themes)/
    	private $rewrite_rule = array(
    		'apache' => array(
    			'plugins' => array(
    				'# BEGIN IP Geo Block',
    				'<IfModule mod_rewrite.c>',
    				'RewriteEngine on',
    				'RewriteBase %REWRITE_BASE%',
    				'RewriteCond %{REQUEST_URI} !ip-geo-block/rewrite.php$',
    				'RewriteRule ^.*\.php$ rewrite.php [L]',
    				'</IfModule>',
    				'# END IP Geo Block',
    			),
    			'themes' => array(
    				'# BEGIN IP Geo Block',
    				'<IfModule mod_rewrite.c>',
    				'RewriteEngine on',
    				'RewriteBase %REWRITE_BASE%',
    				'RewriteRule ^.*\.php$ rewrite.php [L]',
    				'</IfModule>',
    				'# END IP Geo Block',
    			),
    		),
    		'nginx' => array(
    			'plugins' => array(
    				'# BEGIN IP Geo Block',
    				'location ~ %REWRITE_BASE%rewrite.php$ {}',
    				'location %WP_CONTENT_DIR%/plugins/ {',
    				'    rewrite ^%WP_CONTENT_DIR%/plugins/.*/.*\.php$ %REWRITE_BASE%rewrite.php break;',
    				'}',
    				'# END IP Geo Block',
    			),
    			'themes' => array(
    				'# BEGIN IP Geo Block',
    				'location %WP_CONTENT_DIR%/themes/ {',
    				'    rewrite ^%WP_CONTENT_DIR%/themes/.*/.*\.php$ %REWRITE_BASE%rewrite.php break;',
    				'}',
    				'# END IP Geo Block',
    			),
    		),
    	);
    Plugin Author AITpro

    (@aitpro)

    Just noticed your additional questions in your reply. Personally we don’t block countries by IP since we want visitors from anywhere/everywhere to be able to visit our sites. BPS does not block visitors by IP addresses and instead blocks by “bad actions”. ie X does bad action Y and that bad action Y is blocked. So if you do not want visitors from some countries to be able to view your site then block those countries, but keep in mind if a hacker or spammer uses a Proxy then the IP address in the Proxy will be for any country that they want to pick/use.

    Plugin Author AITpro

    (@aitpro)

    Did this answer all of your questions? If so, please resolve this thread. If not, please post any additional questions you may have. Thanks.

    Thread Start Date: 6-23-2016 to 6-24-2016
    Current Date: 6-27-2016

    Thank you so much for your help, it all worked eventually, I adjusted the settings as you suggested: “Root htaccess File Custom Code Setup Steps” abve, that did the trick. Your plugin is very good, I have no more break in issues right now! Cheers, Groggo

    tokkonopapa

    (@tokkonopapa)

    Dear @aitpro,

    I’m an author of IP Geo Block.

    Please for give me to comment on resolved thread. But I have to claim that IP Geo Block never use dangerous PHP exec() function.

    YIKES!!! This plugin is using the exec() function. The exec() function is going to be disabled on 90% of hosts worldwide since this is a very dangerous php function that is not allowed/is disabled on most web hosts.

    IP_Geo_Block_Rewrite::exec(
    	IP_Geo_Block::get_instance(),
    	IP_Geo_Block::get_geolocation(),
    	IP_Geo_Block::get_option( 'settings' )
    )

    If you are a developer, you can find easily it’s just a function in a class and has no relation with dangerous PHP exec() function. It’s just includes other PHP file.

    I believe that you didn’t have malice. I’d just like to say the truth.

    I’d appreciate your understanding.

    Plugin Author AITpro

    (@aitpro)

    Oh ok. Sorry I misinterpreted your code.

Viewing 14 replies - 1 through 14 (of 14 total)
  • The topic ‘Does this work with IP Geo Block ?’ is closed to new replies.