Broken Link | Page 2 | Wordpress Support | Forum Archive

The free forums are no longer in use. It remains available as read-only archive.

Avatar
Lost password?
Advanced Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
The forums are currently locked and only available for read only access
sp_Feed Topic RSSsp_TopicIcon
Broken Link
October 3, 2010
10:14 pm
Avatar
Guest
Guests

Well, it's definately the .htaccess file. Removed it and xcloner worked fine.

Here below is the suspect code.  Note: I don't include my 301 redirect and W3 total Cache. I don't think there at issue.

 

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

# FILTER REQUEST METHODS
RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK) [NC]
RewriteRule ^(.*)$ - [F,L]

# QUERY STRING EXPLOITS
RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR]
RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
RewriteCond %{QUERY_STRING} tag\= [NC,OR]
RewriteCond %{QUERY_STRING} ftp\:  [NC,OR]
RewriteCond %{QUERY_STRING} http\:  [NC,OR]
RewriteCond %{QUERY_STRING} https\:  [NC,OR]
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR]
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|’|"|;|\?|\*).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*("|'|<|>|\|{||).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(request|select|insert|union|declare|drop).* [NC]
RewriteRule ^(.*)$ - [F,L]

October 4, 2010
6:15 am
Avatar
Ovidiu Liuta
Admin
Forum Posts: 2484
Member Since:
September 26, 2010
sp_UserOfflineSmall Offline

As i would suspect is one of the #FILTER REQUEST METHODS methods, so try commenting them all, and then enabling them one by one and see which one might get you that message.

 

Regards, Ovidiu

October 4, 2010
11:25 am
Avatar
Guest
Guests

Respectfully, at this stage your expertice is required or someone who understands Apache.  A workaround is what's in order.

See wordpress.org/extend/plugins/bulletproof-security/  .

How 'bout you contact the plugin's developer, Ed Alexander; see ait-pro.com/about/ .

October 4, 2010
12:39 pm
Avatar
Ovidiu Liuta
Admin
Forum Posts: 2484
Member Since:
September 26, 2010
sp_UserOfflineSmall Offline

After having a closer look at the .htaccess query, the actual issue in caused by the default file-naming of the backup which might contain the word "drop", name which is banned in your .htaccess file, line

RewriteCond %{QUERY_STRING} ^.*(request|select|insert|union|declare|drop).* [NC]

 

Renamig your backup files to something more appropriate for your system will help, either when generating the backup or after in your View Backups screen; either way, the delete function is still working, backups being deleted properly.

 

Regards, Ovidiu

October 4, 2010
12:44 pm
Avatar
Guest
Guests

Huh?  I'm sorry.

"Renamig your backup files to something more appropriate for your system will help."

I name the backup by date, e.g. 10-4-743.  What do you suggest?

October 4, 2010
12:53 pm
Avatar
Ovidiu Liuta
Admin
Forum Posts: 2484
Member Since:
September 26, 2010
sp_UserOfflineSmall Offline

As i specified above, removing the drop or nodrop from the backup filename will help.

Also, i also discovered that the .htaccess rules they created also blocks the "File(s) deleted" message because of the (s) from the url. I would advise contacting the developers for a fix as that is not indicating an exploit in this case. I will look into getting that adjusted into a future version

 

Ovidiu

October 16, 2010
5:22 pm
Avatar
Ed
New Member
Members
Forum Posts: 1
Member Since:
October 16, 2010
sp_UserOfflineSmall Offline

Hi,

Ed from AITpro here.  Happened to come across this post in my travels.

I think your problem is this  - You have 2 RewriteRule entries

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

Thanks,

Ed >>> Cool

Forum Timezone: America/Chicago
Most Users Ever Online: 867
Currently Online:
Guest(s) 1
Currently Browsing this Page:
1 Guest(s)
Top Posters:
mlguru: 30
Django29: 29
D: 21
Andy: 21
Marcus: 20
Jamie F: 19
Member Stats:
Guest Posters: 738
Members: 10056
Moderators: 2
Admins: 3
Forum Stats:
Groups: 3
Forums: 7
Topics: 2397
Posts: 8236
Newest Members:
peter wimmer
Moderators: TriP: 0, Steve Burge: 0
Administrators: Ovidiu Liuta: 2484, Victor Drover: 1, Valentin Barbu: 0