WordPress.org

Forums

BulletProof Security
[resolved] Error Log File Full of Time/Datestamp + "" Code (10 posts)

  1. mygeek911
    Member
    Posted 2 years ago #

    Hello, the bps_php_error.log file is simply full of the following:

    [24-May-2013 17:37:14] <ul></ul>
    [24-May-2013 17:37:14] <ul></ul>
    [24-May-2013 17:37:14] <ul></ul>
    [24-May-2013 17:37:14] <ul></ul>
    [24-May-2013 17:37:14] <ul></ul>
    [24-May-2013 17:37:14] <ul></ul>
    [24-May-2013 17:37:14] <ul></ul>
    [24-May-2013 17:37:14] <ul></ul>
    [24-May-2013 17:37:14] <ul></ul>
    [24-May-2013 17:37:14] <ul></ul>
    [24-May-2013 17:37:16] <ul></ul>
    [24-May-2013 17:37:16] <ul></ul>
    [24-May-2013 17:37:16] <ul></ul>
    [24-May-2013 17:37:16] <ul></ul>
    [24-May-2013 17:37:16] <ul></ul>
    [24-May-2013 17:37:16] <ul></ul>
    [24-May-2013 17:37:16] <ul></ul>
    [24-May-2013 17:37:16] <ul></ul>
    [24-May-2013 17:37:16] <ul></ul>

    The only thing I can think of is that I have password-protected the wp-admin folder via htaccess. I have already whitelisted the ajax handler for another plugin. Is there something else I am missing?

    http://wordpress.org/extend/plugins/bulletproof-security/

  2. AITpro
    Member
    Plugin Author

    Posted 2 years ago #

    Wow that is wierd. I have never seen this before. Since this is a BPS Pro question I have copied the question to the BPS Pro Forum. Please reply in the BPS Pro Forum.
    http://forum.ait-pro.com/forums/topic/php-error-log-displaying-html-code-instead-of-errors/

  3. AITpro
    Member
    Plugin Author

    Posted 2 years ago #

    BPS Pro question handled in the BPS Pro Forum. Resolving.

  4. mygeek911
    Member
    Posted 2 years ago #

    Hello,

    This isn't resolved. I can't even log in to your forum as it erroneously flags my account as a spammer. I tried sending an e-mail and I guess it never was received.

    I have two other WP sites hosted on the same server. Neither of them have this problem but I need to make time to go in and find out what is different, if anything, between their settings and this particular site.

    The funny thing is that I set all three of them up at the same time. I'll let you know what I find.

  5. AITpro
    Member
    Plugin Author

    Posted 2 years ago #

    We are testing new BuddyPress Anti-Spam Registration .htaccess code in the Forum. It appears to be misinterpreting about 5% of the registrations as spam registrations when they are not. Please send an email using the contact form in the BPS Forum and we will manually create a user account for you and email it to you. Once you login into the forum we can capture all of your info/data to figure out what about your data (user agent, etc) is being flagged as a spammer.

    What I suspect is that this single hyphen rule is too strict or we will have to allow blank user agent registrations.

    # Blank or single hyphen user-agent spoofers or curl
    RewriteCond %{HTTP_USER_AGENT} ^(|-?|curl)$ [NC,OR]
    # BuddyPress Anti-Spam Registration
    RewriteCond %{REQUEST_METHOD} ^POST
    # only match the register page URI
    RewriteCond %{REQUEST_URI} ^/register/$
    # domain referer is better than IP - allows for subdomains
    RewriteCond %{HTTP_REFERER} !^.*add-your-domain-name-here.com.* [OR]
    # Blank or single hyphen user-agent spoofers or curl
    RewriteCond %{HTTP_USER_AGENT} ^(|-?|curl)$ [NC,OR]
    # HTTP request header
    RewriteCond %{THE_REQUEST} HTTP/1\.0$
    RewriteRule ^(.*)$ /spam-prevention [R=301,L]
  6. AITpro
    Member
    Plugin Author

    Posted 2 years ago #

    We have setup logging now for the Spam Registration / Prevention page. Please try to Register again and all of your variables/data will be logged so that we can see what the issue/problem is. Thank you.

  7. AITpro
    Member
    Plugin Author

    Posted 2 years ago #

    Also I wanted to mention that this new BuddyPress .htaccess code cuts Spammer Registration down from 1,500+ spam registrations per day to allowing only 50 per day. So it is very successful, but needs a little fine tuning like any new code does. In any case this code saves us about 1 hour per day having to deal with these dummies and clean up their mess.

    >>>>>>>>>>> GET Spam Registration page - May 29, 2013 - 12:47 pm <<<<<<<<<<<
    REMOTE_ADDR: 198.2.206.28
    Host Name: 198.2.206.28
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER: http://forum.ait-pro.com/spam-prevention/
    REQUEST_URI: /spam-prevention/
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Trident/4.0; .NET CLR 1.1.4322)
    SERVER_PROTOCOL: HTTP/1.0
    SERVER_SOFTWARE: Apache
    REMOTE_PORT: 63544
    REMOTE_USER:
    REDIRECT_REMOTE_USER:
  8. mygeek911
    Member
    Posted 2 years ago #

    I just tried to register again and sent you an e-mail via the contact form.

  9. AITpro
    Member
    Plugin Author

    Posted 2 years ago #

    Yep, for some strange reason you're using the old ancient HTTP/1.0 Server Protocol that is why your Registration was blocked.

    Bad bots and spiders use the old HTTP/1.0 Server Protocol. The new Server Protocol since 1997 is HTTP/1.1. I will look at your DNS information that was captured and try and figure out where the HTTP/1.0 Server Protocol is coming from.

    A forum user account was manually created and emailed to you. Thanks.

  10. mygeek911
    Member
    Posted 2 years ago #

    I'll follow up with you on the AITPro thread after I get a chance to dig into the files. Thanks for the help!

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic