Support » Plugin: WP WAF » Got 500 Internal Server Error

  • Hi Guelfo,
    after have enabled Disable Directory Listing on a test blog I got 500 Internal Server Error, without any access to blog nor backoffice.

    I erased the plugin folder thru FTP, but the error remains. Are there tables to remove from the db? If yes, which ones? What I need to do to completely remove (and later reinstall) the plugin?

    Tx a lot, F.

Viewing 8 replies - 1 through 8 (of 8 total)
  • Solved: renamed plugin’s .htaccess and restored original WP’s one. Tx anyway.

    Plugin Author guelfoweb


    You have modsecurity enabled? Don’t check “Disable Directory Listing” option.

    I don’t know anything about ModSecurity, just that phpinfo says that “mod_security2” is between loaded modules. Of course I won’t enable Disable Dir Listing again 😉

    Today I checked plugin’s setting many times, because I had a lot of blocked “attacks” from legitimate spiders, as Opera Mini’s, Amazon Kindle’s (those mobile browsers access the web through their servers) and Twitter’s one, all classified “User Agent Blacklist – Python”. And one “attack” from Wikipedia’s spider (link checker, I guess), classified as “User Agent Blacklist – Curl”

    For your reference, these are their IPs:

    Plugin Author guelfoweb


    They are not browsers, but they are all of the BOT (u.a.:libwww-perl, python, curl…)

    Yes, as I said they are spiders (bots), used to gather web content to be compressed, often reformatted for small screens and sent to their mobile browsers. Those browzzers, Amazon Silk ( and Opera Mini (, access the web through their proxy servers, to speed navigation with a more compressed content (respectively SPDY protocol and OBML, Opera Binary Markup Language). Silk, for instance, can’t access the web directly but acts splitting content between direct and compressed. Those bots must be recognized as legitimate and needed, not blocked. Blocking them means to shut out some hundreds of millions of mobile users.

    Wikipedia bot is different: they periodically check and validate links from Wikipedia pages to external reference sites.

    IMHO, you need to whitelist some of their IPs, probably classes of them (I can’t guess all IPs they use for bots)

    I forgot to tell that these bots blocks only happened since few days, not more than one week.

    Plugin Author guelfoweb


    Ok, you need to add a field to set manually the exclusions. I work to the next version. 2.1 soon!

    Thanks for the feedback,

    You’re welcome, thank you for your work!

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Got 500 Internal Server Error’ is closed to new replies.