WordPress.org

Support

Support » Plugins and Hacks » BulletProof Security » [Resolved] [Plugin: BulletProof Security] Access files from app

[Resolved] [Plugin: BulletProof Security] Access files from app

  • Hello,
    I’ve set up BPS and unable to access some files on the site through the application ( it uses HTTP requests ), – getting 403 Forbidden.
    Hovewer, i’m able to access this files directly through the browser.
    If i disable BPS ( by deleting .htaccess ) – all works fine again
    Can you help me solve this problem?
    And thank you for a very good plugin!

    http://wordpress.org/extend/plugins/bulletproof-security/

    [ Please do not bump, that’s not permitted here. ]

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author AITpro

    @aitpro

    …unable to access some files on the site through the application ( it uses HTTP requests )

    Please be more specific and post specific details of the problem. If this is a problem with a plugin, then add the plugin name or script name or file name and if you have a URL or Query string that is being forbidden please post it here.

    yeah, sorry
    here is an url:
    http://apathysoftworks.com/QC/qc_update/last_ver.txt
    i can open it in the browser, but my app – Quick Cliq, cannot access this file using COM object “WinHttp.WinHttpRequest.5.1” with GET request
    http://apathysoftworks.com/software/quickcliq

    I believe it somehow related win BPS protection against auto site-downloaders. I need to know what i should change in .htaccess ( which was secure.htaccess formerly ) to fix this problem

    Again, if i restore previous htaccess from backup – it works fine

    Plugin Author AITpro

    @aitpro

    Excellent details! Thank you.

    winhttp is explicitly blocked by BPS in the root .htaccess file and also in the wp-admin .htaccess file. To remove that restriction you would remove winhttp from these security filters below. This should allow Quick Cliq to communicate successfully with your website.

    Root .htaccess file

    RewriteCond %{HTTP_USER_AGENT} (libwww-perl|wget|python|nikto|curl|scan|java|winhttp|clshttp|loader) [NC,OR]
    
    RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|\)|\(|%0A|%0D|%22|%27|%28|%3C|%3E|%00).*(libwww-perl|wget|python|nikto|curl|scan|java|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR]

    wp-admin .htaccess file

    RewriteCond %{HTTP_USER_AGENT} (libwww-perl|wget|python|nikto|curl|scan|java|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR]

    Plugin Author AITpro

    @aitpro

    Hello deogo,
    Please post a status update on this issue. Thanks.

    It works now
    Thank you, AITpro!

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘[Resolved] [Plugin: BulletProof Security] Access files from app’ is closed to new replies.
Skip to toolbar