[Plugin: BulletProof Security] 403 / 500 Errors

Is BulletProof Security Network / MU / Multisite Compatible?
Yes. BulletProof Security contains AutoMagic buttons for Network / MU / Multisite websites. Both sub-directory and sub-domain Master .htaccess code is written / created for your specific Network / MU site. BulletProof Modes should only be Activated on the Primary site. All sub sites are virtual and there is no need to Activate BulletProof Modes on sub sites. This will actually screw up your Primary site. BPS allows only Super Admins to see the BPS menus in sub sites. BPS also works with Network / MU Domain Mapping.

And this FAQ information needs to be updated to specifically state that BPS should NOT be Network Activated.

Excellent.

I tried as you suggested. No network activation, and ONLY activated/installed on the main domain.

Same problem.

I’m on a linux / hostgator VPS with CGI …

This is a multisite with about 15 subdomains…

The error logs show nothing useful to me… any thing else I can look into or provide you with?

I had it uninstalled, but can reactivate for you if you think it would be useful.

EDIT: and I commented out the Options -Indexes as suggested

I have it turned on right now, and I’m looking at the logs… it appears that curl is showing a 500 error and downforeveryoneorjustme.com is showing a 403…

but I am getting legitmate 200’s, 404’s and 301’s in the mix, so I think that maybe it’s something with the way that curl and similar programs are calling?

I know that my own script that checks is showing that it’s down, but I’m able to access the site ( I assumed this was an admin user privilege )

curl is specifically blocked in this (or these) security filter(s) and you can remove it if you want to allow external curl connections to your site.

RewriteCond %{HTTP_USER_AGENT} (havij|libwww-perl|wget|python|nikto|curl|scan|java|winhttp|clshttp|loader) [NC,OR]

You might also have to remove curl from this filter below as well...

RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|\)|\(|%0A|%0D|%22|%27|%28|%3C|%3E|%00).*(libwww-perl|wget|python|nikto|curl|scan|java|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR]

the downforeveryoneorjustme.com website makes a HEAD REQUEST to check your HEAD response. If you would like to allow HEAD requests then remove HEAD from this filter below.

# REQUEST METHODS FILTERED
# This filter is for blocking junk bots and spam bots from making a HEAD request, but may also block some
# HEAD request from bots that you want to allow in certains cases. This is not a security filter and is just
# a nuisance filter. This filter will not block any important bots like the google bot. If you want to allow
# all bots to make a HEAD request then remove HEAD from the Request Method filter.
# The TRACE, DELETE, TRACK and DEBUG request methods should never be allowed against your website.
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK|DEBUG) [NC]
RewriteRule ^(.*)$ - [F,L]

Ok now where exactly are you seeing a 403 error message? When trying to view your website or some other specific thing, such as a specific URL or something else in particular?

Ahh… That answers it.

Looking at the site, all is well… it’s the monitoring sites that were freaking out…

I had friends around the globe confirm that the site is up, it’s just the monitoring sites…

So the 403 error is just from accessing it via curl or making HEAD requests…

THANKS SO MUCH! problem resolved!