• Resolved Momo

    (@yangman)


    Everything went well until I enable the block IP/User Agent I get this 500 error….

    Internal Server Error
    
    The server encountered an internal error or misconfiguration and was unable to complete your request.
    
    Please contact the server administrator, [email protected] and inform them of the time the error occurred, and anything you might have done that may have caused the error.
    
    More information about this error may be available in the server error log.
    
    Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.

    https://www.ads-software.com/plugins/all-in-one-wp-security-and-firewall/

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Contributor wpsolutions

    (@wpsolutions)

    Have you enabled any other firewall rules in addition to the Blacklist IP/User agent rules?

    Can you please check your .htacess file and show us contents for the blacklist IP/user agent rules. Just copy the content which appears in your .htaccess file between the IP and User Agent tags. See an example below:

    #AIOWPS_IP_BLACKLIST_START
    Order allow,deny
    Allow from all
    Deny from 188.190.98.156
    Deny from 58.49.14.29
    #AIOWPS_IP_BLACKLIST_END
    #AIOWPS_USER_AGENT_BLACKLIST_START
    <IfModule mod_rewrite.c>
    RewriteEngine On

    RewriteCond %{HTTP_USER_AGENT} ^SurveyBot [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^YottaShopping_Bot [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^baiduspider [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^webcrawl\.net [NC]
    RewriteRule ^(.*)$ – [F,L]

    </IfModule>
    #AIOWPS_USER_AGENT_BLACKLIST_END

    Thread Starter Momo

    (@yangman)

    Have you enabled any other firewall rules in addition to the Blacklist IP/User agent rules?

    Yes I did.

    Can you please check your .htacess file and show us contents for the blacklist IP/user agent rules. Just copy the content which appears in your .htaccess file between the IP and User Agent tags.

    I don’t see the #AIOWPS_IP_BLACKLIST_START….could it be that
    I did not enter any IPs into “Enter IP Addresses” field that’s why?

    Here’s what the htaccess looks like;

    # BEGIN All In One WP Security
    #AIOWPS_BLOCK_WP_FILE_ACCESS_START
    <files license.txt>
    order allow,deny
    deny from all
    </files>
    <files wp-config-sample.php>
    order allow,deny
    deny from all
    </files>
    <files readme.html>
    order allow,deny
    deny from all
    </files>
    #AIOWPS_BLOCK_WP_FILE_ACCESS_END
    #AIOWPS_BASIC_HTACCESS_RULES_START
    <files .htaccess>
    order allow,deny
    deny from all
    </files>
    ServerSignature Off
    LimitRequestBody 10240000
    <files wp-config.php>
    order allow,deny
    deny from all
    </files>
    #AIOWPS_BASIC_HTACCESS_RULES_END
    #AIOWPS_PINGBACK_HTACCESS_RULES_START
    <IfModule mod_alias.c>
    RedirectMatch 403 /(.*)/xmlrpc\.php$
    </IfModule>
    #AIOWPS_PINGBACK_HTACCESS_RULES_END
    #AIOWPS_USER_AGENT_BLACKLIST_START
    <IfModule mod_rewrite.c>
    RewriteEngine On
    
    RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Custo [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^DISCo [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Download Demon [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Express WebPictures [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^FlashGet [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^GetRight [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^GrabNet [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Grafula [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^HMView [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^HTTrack [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Image Stripper [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Image Sucker [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Indy Library [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^InterGET [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Internet Ninja [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^JOC Web Spider [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^JetCar [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^MIDown tool [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Mass Downloader [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Mister PiX [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Navroad [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^NearSite [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Net Vampire [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^NetAnts [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^NetSpider [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^NetZIP [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Octopus [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Offline Explorer [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Offline Navigator [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Papa Foto [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^ReGet [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^RealDownload [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^SquigglebotBot [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^SuperBot [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Surfbot [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^SurveyBot [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Teleport Pro [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Web Image Collector [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Web Sucker [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^WebAuto [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^WebCopier [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^WebFetch [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^WebGo IS [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^WebReaper [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^WebSauger [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^WebStripper [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^WebZIP [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Website Quester [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Website eXtractor [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Wget [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Widow [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Xaldon WebSpider [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^YottaShopping_Bot [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Zeus [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^baiduspider [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^eCatch [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^larbin [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^pavuk [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^webcrawl\.net [NC]
    RewriteRule ^(.*)$ - [F,L]
    
    </IfModule>
    #AIOWPS_USER_AGENT_BLACKLIST_END
    #AIOWPS_BLOCK_SPAMBOTS_START
    <IfModule mod_rewrite.c>
    RewriteCond %{REQUEST_METHOD} POST
    RewriteCond %{REQUEST_URI} ^(.*)?wp-comments-post\.php(.*)$
    RewriteCond %{HTTP_REFERER} !^https://blackorblonde\.com [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^$
    RewriteRule .* https://127.0.0.1 [L]
    </IfModule>
    #AIOWPS_BLOCK_SPAMBOTS_END
    # END All In One WP Security
    
    # Use PHP5 Single php.ini as default
    AddHandler application/x-httpd-php5s .php
    
    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    
    # END WordPress
    Plugin Contributor wpsolutions

    (@wpsolutions)

    Thanks for the info.
    I can now see the cause of the issue. The user agent names which have a space between the words are causing the failure.

    Example:
    Express WebPictures
    Image Stripper
    Indy Library
    etc..

    For now, can you please disable this feature or remove any entries containing a space and we will apply a fix in our code to handle this better in the next release of this plugin.

    Thread Starter Momo

    (@yangman)

    Thanks. Look forward to the update.

    Plugin Contributor wpsolutions

    (@wpsolutions)

    The fix for this is available in the current version (2.4) of the plugin.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘500 error’ is closed to new replies.