AITpro

Thanks wyze for taking the time to leave a review. Very much appreciated!

Assuming all questions have been answered – the thread has been resolved. If the issue/problem is not resolved or you have additional questions about this specific thread topic then you can post them at any time. I still receive email notifications when threads have been resolved.

Assuming all questions have been answered – the thread has been resolved. If the issue/problem is not resolved or you have additional questions about this specific thread topic then you can post them at any time. I still receive email notifications when threads have been resolved.

Sounds like you are using another Login page plugin that is overriding the JTC Captcha Login page hook. Are you using a custom login page plugin or some other plugin that is doing something on your login page?

Most malware scanners will scan all file types for pattern matches. BPS MScan excludes txt and log files to avoid false positives.

If the Security Log entry that triggered the malware scanner was a POST Request you can change this Security Log option setting > POST Request Body Data > to > Do Not Log POST Request Body Data (0KB). If the Security Log entry was a GET Request then you can turn off logging. If you do that then no log entries will be logged in the Security Log. So if you need to troubleshoot something in the future you would have to turn Security Logging On to troubleshoot and then turn it off again after troubleshooting.

Important Note for BPS Pro Only: Security Logging should not be turned off for BPS Pro because the Plugin Firewall AutoPilot Mode cron scans the Security Log and uses the log entries to automatically create Plugin Firewall whitelist rules.

Assuming all questions have been answered – the thread has been resolved. If the issue/problem is not resolved or you have additional questions about this specific thread topic then you can post them at any time. I still receive email notifications when threads have been resolved.

See this help forum topic on how to cleanup a hacked hosting account > it’s a very simple and easy thing to do > https://forum.ait-pro.com/forums/topic/wordpress-hacked-wordpress-hack-cleanup-wordpress-hack-repair/

Thanks emmanuelmeikle for taking the time to leave a review. Very much appreciated!

Either your server is overloaded (less likely since this is only happening on 2 BPS plugin pages) or your host is using ModSecurity CRS with rulesets that are too strict (more likely) that are blocking the System Info page checks and the Setup Wizard checks, etc.

To rule out a php memory/resource overload > deactivate all of your other plugins temporarily and check the System Info page and Setup Wizard page. If you are still seeing a 503 error then contact your web host and ask them to check the ModSecurity error logs.

Thanks mh4press for taking the time to leave a review. Very much appreciated!

HTTP response status code 401

401 Unauthorized

Although the HTTP standard specifies “unauthorized”, semantically this response means “unauthenticated”. That is, the client must authenticate itself to get the requested response.

I checked your site and you are using js minification in the LightSpeed cache plugin. js minification is known to break many things. Try turning off js minification in LightSpeed.

Great!

Your forum topic was held for possible spam. I have released it from the spam hold. See my response here > https://forum.ait-pro.com/forums/topic/error-403-wpadmin-sbr-wp-admin-post-php/

Another possibility is your web host enabled ModSecurity CRS on your host server. Turn off the BPS Security Log and try to create a POST. If you see a ModSecurity 403 page then ModSecurity CRS is causing the problem. Note: The BPS Security Log logs all 403 errors whether or not BPS is causing a 403 error.

• This reply was modified 6 months, 2 weeks ago by AITpro.

Thanks michaelboots for taking the time to leave a review. Very much appreciated!