Title: Site 404, 403 errors Last modified: October 6, 2022 --- # Site 404, 403 errors * Resolved [startechmarketing](https://wordpress.org/support/users/startechmarketing/) * (@startechmarketing) * [3 years, 8 months ago](https://wordpress.org/support/topic/site-404-403-errors/) * I keep getting a re-occuring error with this, I can delete both .htaccess files run wizard and for 4-7 days is ok then I go to the site and error, as soon as I delete the files the site works I even tried locking the files I have the copy of the files I renamed below root: [https://codeshare.io/X8q18Y](https://codeshare.io/X8q18Y) wpadmin [https://codeshare.io/8p8KpD](https://codeshare.io/8p8KpD) * I look forward to help thank you Viewing 13 replies - 1 through 13 (of 13 total) * Thread Starter [startechmarketing](https://wordpress.org/support/users/startechmarketing/) * (@startechmarketing) * [3 years, 8 months ago](https://wordpress.org/support/topic/site-404-403-errors/#post-16074580) * ``` BPS SECURITY LOG ================= ================= [403 GET Request: September 30, 2022 3:54 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 20.55.114.34 Host Name: 20.55.114.34 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.55.114.34 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: //wp-json/oembed/1.0/embed?url=https://starpaint.de/ QUERY_STRING: url=https://starpaint.de/ HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 [403 GET Request: September 30, 2022 4:20 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 205.210.31.151 Host Name: 205.210.31.151 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 205.210.31.151 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: September 30, 2022 4:26 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 50.116.92.112 Host Name: cloud188.hostgator.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 50.116.92.112 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://starpaint.de/.user.ini REQUEST_URI: /.user.ini QUERY_STRING: HTTP_USER_AGENT: WordPress/6.0.2; https://starpaint.de [403 GET Request: September 30, 2022 5:17 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 198.235.24.24 Host Name: 198.235.24.24 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 198.235.24.24 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: September 30, 2022 7:59 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 198.235.24.136 Host Name: 198.235.24.136 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 198.235.24.136 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http://172.64.80.1:80/ REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: September 30, 2022 8:30 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 205.210.31.152 Host Name: 205.210.31.152 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 205.210.31.152 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: September 30, 2022 10:54 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 198.235.24.55 Host Name: 198.235.24.55 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 198.235.24.55 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: September 30, 2022 11:22 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 205.210.31.135 Host Name: 205.210.31.135 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 205.210.31.135 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: September 30, 2022 11:23 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 198.235.24.11 Host Name: 198.235.24.11 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 198.235.24.11 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: October 1, 2022 2:20 am] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 198.235.24.135 Host Name: 198.235.24.135 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 198.235.24.135 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: October 1, 2022 5:15 am] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 198.235.24.163 Host Name: 198.235.24.163 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 198.235.24.163 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: October 1, 2022 11:53 am] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 205.210.31.18 Host Name: 205.210.31.18 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 205.210.31.18 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: October 1, 2022 2:39 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 205.210.31.31 Host Name: 205.210.31.31 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 205.210.31.31 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: October 1, 2022 3:04 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 205.210.31.180 Host Name: 205.210.31.180 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 205.210.31.180 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: October 1, 2022 3:05 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 198.235.24.3 Host Name: 198.235.24.3 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 198.235.24.3 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: October 1, 2022 3:51 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 2001:41d0:8:9638:: Host Name: 2001:41d0:8:9638:: SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 2001:41d0:8:9638:: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: starpaint.de REQUEST_URI: /cgi-bin/language/jp.php?a=1 QUERY_STRING: a=1 HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.75 Safari/537.36 [403 GET Request: October 1, 2022 3:53 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 212.16.164.132 Host Name: web001.hdwkund.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 212.16.164.132 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: starpaint.de REQUEST_URI: /wp-includes/wp-add.php?v=WQEHW&c=676jhug7fgrh65y6fd5f QUERY_STRING: v=WQEHW&c=676jhug7fgrh65y6fd5f HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.75 Safari/537.36 [403 GET Request: October 2, 2022 2:49 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 198.235.24.168 Host Name: 198.235.24.168 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 198.235.24.168 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: October 2, 2022 6:56 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 198.235.24.156 Host Name: 198.235.24.156 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 198.235.24.156 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: October 2, 2022 11:35 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 205.210.31.49 Host Name: 205.210.31.49 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 205.210.31.49 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http://104.21.54.70:80/ REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: October 3, 2022 7:10 am] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 198.235.24.53 Host Name: 198.235.24.53 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 198.235.24.53 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: October 3, 2022 1:52 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 20.55.114.34 Host Name: 20.55.114.34 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 20.55.114.34 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: //wp-json/oembed/1.0/embed?url=https://starpaint.de/ QUERY_STRING: url=https://starpaint.de/ HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 [403 GET Request: October 3, 2022 4:09 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 205.210.31.149 Host Name: 205.210.31.149 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 205.210.31.149 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http://104.21.54.70:80/ REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: October 3, 2022 4:38 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 50.116.92.112 Host Name: cloud188.hostgator.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 50.116.92.112 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://starpaint.de/.user.ini REQUEST_URI: /.user.ini QUERY_STRING: HTTP_USER_AGENT: WordPress/6.0.2; https://starpaint.de [403 GET Request: October 3, 2022 5:07 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 205.210.31.140 Host Name: 205.210.31.140 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 205.210.31.140 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http://172.67.136.95:80/ REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: October 3, 2022 6:20 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 198.235.24.145 Host Name: 198.235.24.145 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 198.235.24.145 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: October 3, 2022 8:07 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 4.236.170.8 Host Name: 4.236.170.8 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 4.236.170.8 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: //wp-json/oembed/1.0/embed?url=https://starpaint.de/ QUERY_STRING: url=https://starpaint.de/ HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 [403 GET Request: October 3, 2022 9:51 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 198.235.24.16 Host Name: 198.235.24.16 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 198.235.24.16 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: October 4, 2022 9:35 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 205.210.31.166 Host Name: 205.210.31.166 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 205.210.31.166 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: October 4, 2022 9:46 pm] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 198.235.24.180 Host Name: 198.235.24.180 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 198.235.24.180 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: October 5, 2022 2:43 am] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 138.68.58.45 Host Name: 525184.cloudwaysapps.com SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 138.68.58.45 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-22.php?sfilename=on.php&sfilecontent=<%3F%3D409723%2A20%3B&supfiles=on.php QUERY_STRING: sfilename=on.php&sfilecontent=<%3F%3D409723%2A20%3B&supfiles=on.php HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 [403 GET Request: October 5, 2022 4:55 am] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 205.210.31.148 Host Name: 205.210.31.148 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 205.210.31.148 HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: / QUERY_STRING: HTTP_USER_AGENT: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com [403 GET Request: October 6, 2022 12:10 am] BPS: 6.6 WP: 6.0.2 Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 2a03:6f00:1::b039:d15c Host Name: vh188.timeweb.ru SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: 2a03:6f00:1::b039:d15c HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: REQUEST_URI: /wp-22.php?sfilename=on.php&sfilecontent=<%3F%3D409723%2A20%3B&supfiles=on.php QUERY_STRING: sfilename=on.php&sfilecontent=<%3F%3D409723%2A20%3B&supfiles=on.php HTTP_USER_AGENT: Mozilla/5.0 (Linux; Android 9; Redmi Note 7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36 ``` - This reply was modified 3 years, 8 months ago by [Yui](https://wordpress.org/support/users/fierevere/). Reason: formatting * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [3 years, 8 months ago](https://wordpress.org/support/topic/site-404-403-errors/#post-16077268) * I don’t completely understand your questions. What error are you seeing? * I see that php handler htaccess code is being added to the bottom of your Root htaccess file by your web host. * ``` # php -- BEGIN cPanel-generated handler, do not edit # Set the “ea-php81” package as the default “PHP” programming language. AddHandler application/x-httpd-ea-php81 .php .php8 .phtml # php -- END cPanel-generated handler, do not edit ``` * Thread Starter [startechmarketing](https://wordpress.org/support/users/startechmarketing/) * (@startechmarketing) * [3 years, 8 months ago](https://wordpress.org/support/topic/site-404-403-errors/#post-16077903) * My site goes down every 4-7 days it varies sometimes 3 days sometimes 7 days. Then is the 403 or 404 error. I know what the problem is because it happens always So then I rename the .htaccess files the site comes back. Then I run the BPS wizard all is ok for a few days. * So it seems something is corrupting the .htaccess file and breaking the site. * I don’t know if the host changes are doing it or what it is ? at the moment the host has not changed the file and the site is working but it has only been one day so far. * Thread Starter [startechmarketing](https://wordpress.org/support/users/startechmarketing/) * (@startechmarketing) * [3 years, 8 months ago](https://wordpress.org/support/topic/site-404-403-errors/#post-16077961) * ok I talk with support they are clueless at hostgator * so I added their phphandler code to custom no I wait and see what happens in a few days. * Thread Starter [startechmarketing](https://wordpress.org/support/users/startechmarketing/) * (@startechmarketing) * [3 years, 8 months ago](https://wordpress.org/support/topic/site-404-403-errors/#post-16078048) * This is the actual message * There has been a critical error on this website. Please check your site admin email inbox for instructions. * Learn more about troubleshooting WordPress. * Thread Starter [startechmarketing](https://wordpress.org/support/users/startechmarketing/) * (@startechmarketing) * [3 years, 8 months ago](https://wordpress.org/support/topic/site-404-403-errors/#post-16078053) * in debug mode i get 502 Bad Gateway – from cloudflare * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [3 years, 8 months ago](https://wordpress.org/support/topic/site-404-403-errors/#post-16079101) * Ok I am pretty sure that this is what is happening > Your web host is automatically adding the php handler htaccess code for PHP 8.1 in your root htaccess file every“… 4-7 days it varies sometimes 3 days sometimes 7 days”, which causes your site to go down. To fix this problem login to your web host control panel > MultiPHP Manager tool > change the php version to 8 instead of 8.1. Changing the php server version in cPanel should generate new php handler code in your root htaccess file. If your site is working normally then copy the 8.0 php handler code into this BPS Custom Code text box: 1. CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE, click the Save Root Custom Code button and activate Root Folder BulletProof Mode. If your site is still having problems then go back to the cPanel MultiPHP Manager tool and change the php server version to 7.4. Then copy the 7.4 php handler code into this BPS Custom Code text box: 1. CUSTOM CODE TOP PHP/PHP.INI HANDLER/ CACHE CODE, click the Save Root Custom Code button and activate Root Folder BulletProof Mode. * Thread Starter [startechmarketing](https://wordpress.org/support/users/startechmarketing/) * (@startechmarketing) * [3 years, 8 months ago](https://wordpress.org/support/topic/site-404-403-errors/#post-16083830) * Ok I had to go to 7.4 php now I wait to see if it crashes in a few days, 8.0 still crashed the minute the php handler code was instered in custom code. * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [3 years, 8 months ago](https://wordpress.org/support/topic/site-404-403-errors/#post-16084937) * Most likely 1 of your plugins or your theme is not compatible with php 8.0 and higher versions of php. Once you get your website stabilized then I recommend cloning it and creating a dev site (copy of your production site). So you can deactivate all plugins, switch your theme to a WP default theme and then start activating plugins one by one to find the plugin that is not compatible with php 8.0 and higher versions of php. * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [3 years, 8 months ago](https://wordpress.org/support/topic/site-404-403-errors/#post-16084951) * You can change the php version per site. So you will want to change your dev site’s php version to php 8.0 test then bump it up to 8.1 and test. * Thread Starter [startechmarketing](https://wordpress.org/support/users/startechmarketing/) * (@startechmarketing) * [3 years, 7 months ago](https://wordpress.org/support/topic/site-404-403-errors/#post-16104896) * Thanks I changed to 7.4 and now I am not having the issue. * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [3 years, 7 months ago](https://wordpress.org/support/topic/site-404-403-errors/#post-16106134) * Ok so at this point your production site is stabilized. Another approach instead of creating a dev copy of your site to figure out which plugin or theme is not compatible with php 8.0 or higher versions would be to enable WP debugging in your wp-config.php file, switch to php 8.0 and then check your server’s php error log for errors. The php error should tell you which plugin or theme is not compatible with php 8.0. * Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/) * (@aitpro) * [3 years, 7 months ago](https://wordpress.org/support/topic/site-404-403-errors/#post-16149315) * Assuming all questions have been answered – the thread has been resolved. If you have additional questions about this specific thread topic then you can post them at any time. I still receive email notifications when threads have been resolved. Viewing 13 replies - 1 through 13 (of 13 total) The topic ‘Site 404, 403 errors’ is closed to new replies. * ![](https://ps.w.org/bulletproof-security/assets/icon-128x128.png?rev=1731938) * [BulletProof Security](https://wordpress.org/plugins/bulletproof-security/) * [Support Threads](https://wordpress.org/support/plugin/bulletproof-security/) * [Active Topics](https://wordpress.org/support/plugin/bulletproof-security/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/bulletproof-security/unresolved/) * [Reviews](https://wordpress.org/support/plugin/bulletproof-security/reviews/) * 14 replies * 2 participants * Last reply from: [AITpro](https://wordpress.org/support/users/aitpro/) * Last activity: [3 years, 7 months ago](https://wordpress.org/support/topic/site-404-403-errors/#post-16149315) * Status: resolved