Thread Starter
Macky
(@jmcdaidgmailcom)
hmm the link, appears to have gone a little wonky in my post. I’ll try that again:
http://www.example.com/?fb_action_ids=20506750003300654&fb_source=timeline_og&action_object_map=%7B%2210000095000003710%22%3A10150700000000681%7D&action_type_map=%7B%2200050000050000010%22%3A%22og.likes%22%7D&action_ref_map=[]
Plugin Author
AITpro
(@aitpro)
The simplest way to resolve this would be to create a skip/bypass rule based on the Query string identifier. Test this code by adding it to your root .htaccess file as a plugin fixes rule #13 above rule #12. If it works successfully then add this code to the Custom Code Plugin fixes text box and save it, click AutoMagic to create a new Master .htaccess file and Activate BulletProof Mode for your root folder again.
# CUSTOM CODE PLUGIN FIXES - Your plugin fixes .htaccess code will be created here with AutoMagic
# Skip/Bypass facebook Likes
RewriteCond %{QUERY_STRING} fb_action_ids=(.*) [NC]
RewriteRule . - [S=13]
# Adminer MySQL management tool data populate
RewriteCond %{REQUEST_URI} ^/wp-content/plugins/adminer/ [NC]
RewriteRule . - [S=12]
Is this plugin the “Facebook Likes” plugin?
Plugin Author
AITpro
(@aitpro)
Resolving due to lack of confirmation or response. If the problem is still occurring then please post another comment.
Thread Starter
Macky
(@jmcdaidgmailcom)
Thanks for the prompt response AITpro. Unfortunately the fix you provided does not appear to work – I’m not really sure why. I’ve done some more testing to distil the issue down on the issue and this is what i’ve found.
Any url that has a [ as part of its query sting causes my web server to present the user with a boiler plate CentOS Apache 2 welcome page. For instance www.example.com/?x=[ or even http://www.example.com/?x="[" will also cause the user to be sent to the boiler plate page. This leads me to believe the issue is related to square bracket pattern matching. Also removing my unmodified BPS .htaccess corrects the issue, so I’m fairly certain the issue relates to the .htaccess file.
Many thanks for your help on this issue.
Plugin Author
AITpro
(@aitpro)
Ok well then since a skip/bypass rule will not work then you will have to modify (shown below) or comment out the BPS security filter that blocks the square bracket in query strings. square brackets are not used very often in hacking attempts so these are really not characters that are that critical to block in query strings.
You would modify this security filter….
RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|%3c|%3e|%5b|%5d).* [NC,OR]
...to this...
RewriteCond %{QUERY_STRING} ^.*(\(|\)|<|>|%3c|%3e).* [NC,OR]
Thread Starter
Macky
(@jmcdaidgmailcom)
Thanks for the AITPro. I also needed to modify the line below that one to remove the \x5b and \x5d. Below are modified entries.
RewriteCond %{QUERY_STRING} ^.*(\(|\)|<|>|%3c|%3e).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(\x00|\x04|\x08|\x0d|\x1b|\x20|\x3c|\x3e|\x7f).* [NC,OR]
Plugin Author
AITpro
(@aitpro)
Ok thanks for confirming what needed to be done. Is this plugin the “Facebook Likes” plugin? If not, then please post the name of the plugin here. Thanks.
Thread Starter
Macky
(@jmcdaidgmailcom)
The issue is not with a plugin. These are links that appear on your facebook timeline when you “like” a webpage.
Plugin Author
AITpro
(@aitpro)
Oh so they are inbound links pointing to your website from facebook and not outbound links from your website then correct?
Ah so,,, OK I had to register to reply… (Just saw your discussion which was helping me in other way to confirm that the fb_action_ids is for facebook and not the site linked to.
So yes it is the facebook like that for example generates such URLs when liking (at least the below is similar so i guess it is the same as original poster herre) and they will appear on your timeline, but the like i look at does not have [] at the end.
http://www.example.com/?10085&fb_action_ids=508938875787085&fb_action_types=og.likes&fb_source=aggregation&fb_aggregation_id=246965925417366
Plugin Author
AITpro
(@aitpro)
So are you having the same problem or were you just asking a question in general? Are you seeing an error message or other problem?
Please post the actual URL in your reply.
I was trying to answer what you asked macky,
so
you asked: Oh so they are inbound links pointing to your website from facebook and not outbound links from your website then correct?
yes correct.
and the link i gave is from facebook like and i guess mackys also
Plugin Author
AITpro
(@aitpro)
oh ok i get it now thanks
ok great.
prob i did not explain to well, sry
see you and nice you help…
