July 14, 2017 at 6:36 pm #33780
Hi there, I’m aware that this might not be a problem with AdRotate at all, but just with my server’s configuration — nevertheless, perhaps you might give me some clues on where to search for a solution.
I’m using WP 4.8, AdRotate (Free) 4.4, Jetpack 5.1, Wordfence Security 6.3.12, WP Fastest Cache 0.8.7.0 and WP Fastest Cache Premium 1.3.4 (among many others, but I believe these are the relevant ones). The server runs Ubuntu 16.04.2 LTS and as of today it has nginx 1.12.0 built with OpenSSL 1.0.2g and PHP 7.0.18-0ubuntu0.16.04.1 (configured using PHP-FPM), database is MariaDB Ver 15.1 Distrib 10.0.29. My overall webserver configuration tool is ISPConfig 3.1.
tags), I get a 403 error – Forbidden. There are no errors whatsoever in the logs (I can see the request being made on access.log, but error.log is clean). I have entered the Maintenance tab and added all debug settings to see if I got more information, but there was nothing there — as soon as the page is submitted for adding/modifying an ad, it bombs out with a 403. As per the suggestion on the manual pages, I have whitelisted https://ajdg.solutions/ and 18.104.22.168, even though I have no pro license for AdRotate (yet!).
, which is enough to get the 403 error.
I have not yet disabled all plugins because this is a production site running a few ads for actual customers (even though I’m not making serious money with it, it’s always bad if customers see errors, debug pages, etc.). If you seriously suspect that this has absolutely nothing to do with AdRotate, then the best I can offer is to configure a blank website from scratch and see if just with AdRotate I get the same error — I haven’t done that yet.
And just for your reference, I’m testing this out mostly on
https://gwynethllewelyn.netbecause it’s my personal blog and I’m willing to do experiments there, even taking into account there are a few paid ads there; but I have many other websites on the same server, all using AdRotate, all having the same issue.
Thank you in advance for any insights.July 14, 2017 at 6:39 pm #33782
My apologies, things like … were eaten up on the above text. I just saw right now that I was supposed to enclose them in backticks like this:
Im sorry, but now I cannot edit the post above 🙁July 14, 2017 at 6:40 pm #33784
(oh… I see that the word ‘script’ is edited out here, no matter how I try to escape it… all right, I hope the first post still makes sense — just mentally insert script and /script with the appropriate brackets)July 21, 2017 at 12:34 pm #34019
AdRotate sets no limitations on scripts like that. And certainly not using 403 error pages.
A 403 error means you have no access to a page or file on your server. That’s usually done with .htaccess or from your hosting dashboard. .htaccess is, among other things, a access control feature in servers which can be used by security plugins such as Wordfence or Sucuri.
Perhaps they think the file you’re using is infected with malware (or it actually is).July 22, 2017 at 3:28 am #34053
I’m not saying Google is spreading Malware, but security software on your server may think it is…
Nginx does not use htaccess no, but it has access control tools which can cause this.
I’m not familiar enough with Nginx to say anything useful about that. But it’s just a thing to investigate.
At any rate, AdRotate (Pro) is not capable of generating 403 error pages. So whatever is causing this, is done by your server. Caused by your server or a (security) tool on it.July 28, 2017 at 6:01 pm #34458