WordPress.org

Support

Support » Plugins and Hacks » WP WAF » Got 500 Internal Server Error

Got 500 Internal Server Error

  • Hi Guelfo,
    after have enabled Disable Directory Listing on a test blog I got 500 Internal Server Error, without any access to blog nor backoffice.

    I erased the plugin folder thru FTP, but the error remains. Are there tables to remove from the db? If yes, which ones? What I need to do to completely remove (and later reinstall) the plugin?

    Tx a lot, F.

    http://wordpress.org/extend/plugins/wp-waf/

Viewing 8 replies - 1 through 8 (of 8 total)
  • Solved: renamed plugin’s .htaccess and restored original WP’s one. Tx anyway.

    Plugin Author guelfoweb

    @guelfoweb

    You have modsecurity enabled? Don’t check “Disable Directory Listing” option.

    I don’t know anything about ModSecurity, just that phpinfo says that “mod_security2” is between loaded modules. Of course I won’t enable Disable Dir Listing again 😉

    Today I checked plugin’s setting many times, because I had a lot of blocked “attacks” from legitimate spiders, as Opera Mini’s, Amazon Kindle’s (those mobile browsers access the web through their servers) and Twitter’s one, all classified “User Agent Blacklist – Python”. And one “attack” from Wikipedia’s spider (link checker, I guess), classified as “User Agent Blacklist – Curl”

    For your reference, these are their IPs:

    208.80.153.164
    54.241.211.112
    82.145.208.238
    82.145.209.175

    Plugin Author guelfoweb

    @guelfoweb

    They are not browsers, but they are all of the BOT (u.a.:libwww-perl, python, curl…)

    Yes, as I said they are spiders (bots), used to gather web content to be compressed, often reformatted for small screens and sent to their mobile browsers. Those browzzers, Amazon Silk (http://en.wikipedia.org/wiki/Amazon_Silk) and Opera Mini (http://en.wikipedia.org/wiki/Opera_Mini), access the web through their proxy servers, to speed navigation with a more compressed content (respectively SPDY protocol and OBML, Opera Binary Markup Language). Silk, for instance, can’t access the web directly but acts splitting content between direct and compressed. Those bots must be recognized as legitimate and needed, not blocked. Blocking them means to shut out some hundreds of millions of mobile users.

    Wikipedia bot is different: they periodically check and validate links from Wikipedia pages to external reference sites.

    IMHO, you need to whitelist some of their IPs, probably classes of them (I can’t guess all IPs they use for bots)

    I forgot to tell that these bots blocks only happened since few days, not more than one week.

    Plugin Author guelfoweb

    @guelfoweb

    Ok, you need to add a field to set manually the exclusions. I work to the next version. 2.1 soon!

    Thanks for the feedback,
    Gianni

    You’re welcome, thank you for your work!

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Got 500 Internal Server Error’ is closed to new replies.
Skip to toolbar