Plugin Author
AITpro
(@aitpro)
Have you tried this fix and the problem is still occurring?
http://www.ait-pro.com/aitpro-blog/2252/bulletproof-security-plugin-support/checking-plugin-compatibility-with-bps-plugin-testing-to-do-list/#GoogleAnalyticsDashboard
It is possible that something has changed in those plugins so what i would need is the Query strings to see what might be blocked. In your address bar you will see a URL and it will contain a query string. post the portion of the query string starting from the question mark character.
Plugin Author
AITpro
(@aitpro)
There are several different Google analytics plugins so please list each one with a link to the plugins main page and i will test each one.
I tested Google Analytics Dashboard – Author Carson McDonald
http://wordpress.org/extend/plugins/google-analytics-dashboard/
And found 2 things that are blocked by BPS.
Root .htaccess file modification – comment out this security filter with a pound sign.
#RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|%3c|%3e|%5b|%5d).* [NC,OR]
wp-admin .htaccess file modification – Add this skip/bypass rule to BPS Custom Code – “CUSTOM CODE WPADMIN PLUGIN FIXES: Add ONLY WPADMIN personal plugin fixes code here” so that admin-ajax.php can be called by Google Analytics Dashboard.
# Google Analytics Dashboard skip/bypass
RewriteCond %{REQUEST_URI} (admin-ajax\.php) [NC]
RewriteRule . - [S=2]
Plugin Author
AITpro
(@aitpro)
One of dilemma’s that we discuss at AITpro on a regular basis is – Is it better to start from the maximum security settings by default and then deal with case by case issues to create skip/bypass rules or would it be better to start from medium security and then offer a maximum security option with one click. I personally do not think that is really a good solution and what would be much more effective and advanced approach would be to capture the error generated and automatically generate a solution based on the known set of conditions. This is in the works at this point and is in experimental testing.
admin-ajax.php is a completely safe file to be allowed by default for plugin calls so this file will be added as a standard allowed file in the wp-admin .htaccess file in the next version release of BPS.
# Allow wp-admin files that are called by plugins
RewriteCond %{REQUEST_URI} (press-this\.php|admin-ajax\.php) [NC]
RewriteRule . - [S=1]