404 Error

  • Resolved Site designer

    (@site-designer)


    11 years, 3 months ago

    If I activate “Activate Root Folder BulletProof Mode” it breaks my site with 404 errors and index.php not found. I can activate this protection on the wp-admin folder without any problems. I do have an index.php file. I have tested this several times and each time I deactivate bps on the root folder my site works fine (except I have to edit one line RewriteRule . /jlwp/index.php [L] on the standard .htaccess file that deactivating BPS creates. As soon as i activate BPS on the root again all pages except the home page come up with the errors above. This seems to have happened with the last updates but not entirely sure as I haven’t been through any website checks recently.

    The only thing I can think of is that I do not have wordpress installed into my site’s main folder, it’s in a subfolder under the main domain folder and I think when BPS is creating the root .htaccess file it is assuming that I have wordpress loaded on the main domain folder (judging by the fact that the deactivate replacement standard .htaccess code did not take account of my sites wp folder setup) and then writing the code with that assumption? Could this be the problem and if so how can i correct this so I can use the bps root .htaccess file protection?

    The root .htaccess file I am talking about is in the subfolder that WP is installed in on my domain so it is in the root of the WP installation and not in the main domain folder itself. This does have an .htaccess file too which has the following code

    RewriteEngine on
    RewriteCond %{HTTP_HOST} ^www.\websitename\.com$ [OR]
    RewriteCond %{HTTP_HOST} ^www\.websitename\.com$
    RewriteRule ^/?$ “http\:\/\/www\.websitename\.com\/jlwp” [R=301,L]

    I do have to make sure that I have this line on the standard .htaccess file where wordpress is loaded or else the website pages other than the homepage don’t work. RewriteRule . /jlwp/index.php [L].

    The other thing I tried and again not sure why this would make the difference but I am using custom permalinks http://wwww.websitename.com/jlwp//%category%/%postname%.html. If I use the default WP permalink structure then the bps on the root .htaccess file is fine and my pages all work. As soon as I try to change back to the preferred custom permalink settings mentioned above WP of course tells me it cannot change my .htaccess file and that I need to change it manually including the line I have shown above and no pages on my website apart from the homepage work any longer all producing 404 and index.php file not found errors.

    I hope I have given as much information as I can to help figure out what the problem may be.

    Many thanks,
    K

    https://ww.wp.xz.cn/plugins/bulletproof-security/

Viewing 15 replies - 1 through 15 (of 17 total)
1 2
  • Plugin Author AITpro

    (@aitpro)

    11 years, 3 months ago

    First yes this WordPress permalink hack is a known problem: /%category%/%postname%.html

    The postname.html hack is not a valid WordPress permalink structure|structure tag. It has been a while since anyone has posted this problem. Originally many years ago some SEO person posted that this added some SEO benefit – completely false. It never did and still never will.

    another problem is you have 2 forward slashes after /jlwp//, not critical but still technically incorrect.
    /jlwp//%category%/%postname%.html

    What I recommend before trying to troubleshoot anything else is that you correct the permalink hack and use a valid WordPress Custom Permalink Structure: /%category%/%postname%/

    http://codex.ww.wp.xz.cn/Using_Permalinks

    Plugin Author AITpro

    (@aitpro)

    11 years, 3 months ago

    Why is the permalink hack BS? Because all search engines: Google, Yahoo, Bing, etc. can tell what type of website you are running. You cannot trick them by adding an .html file extension. If you have a PHP site the search engines will detect that and rank the site accordingly based on PHP caculations. Creating the .html file extension in your URL’s does not do anything except for cause problems for your PHP site.

    Thread Starter Site designer

    (@site-designer)

    11 years, 3 months ago

    Thank you for your reply.

    I didn’t do the permalink because of SEO or tricking the search engines. It was because I designed the website originally in dreamweaver with html pages and later when I was going for a new look. (I completely redo the websites every 12 to 18 mths to keep things fresh and interesting) I changed it to a wordpress site. It was easier to use the same page structure as I had designed in dreamweaver then it was creating a lot of redirects to stop downtime and 404 errors on pages all the search engines had already cached from the original site design the year before. I also to be honest think it looks nicer and more user friendly and memorable in the address bar to show page.html or page.php then the default ?p=123 etc that wordpress displays.

    The // was a typo on my post to you, the actual permalink only has one forward slash. I’m sorry for any confusion caused.

    I tried what you suggested jlwp/%category%/%postname%/ and the site continued to work but once I recreated BPS on the root file I go back to every page but the home page giving me the same errors as before

    The requested URL /index.php was not found on this server.

    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

    Could this be because the site only works if I have the jlwp subfolder listed in the rewrite lines in the wp default .htaccess file and your secure .htaccess file might not be pointing to this folder?

    To try and clarify if I deactivate the bps on the root .htaccess file then BPS replaces it with a standard WP .htaccess file which does not have the lines pointing to the subfolder so my site still does not work. I then have to go through file manager on my domain and manually edit the .htaccess file to what WP would have put in had it been able to still access and update it. See below

    Your standard WP .htaccess file

    1 # BEGIN BPS WordPress
    2 <IfModule mod_rewrite.c>
    3 RewriteEngine On
    4 RewriteBase /
    5 RewriteRule ^index\.php$ – [L]
    6 RewriteCond %{REQUEST_FILENAME} !-f
    7 RewriteCond %{REQUEST_FILENAME} !-d
    8 RewriteRule . /index.php [L]
    9 </IfModule>
    10 # END BPS WordPress

    Manually edited .htaccess file to match what WP would have updated it to after changing permalink settings if it was not now locked. This .htaccess file has my website fully working

    1 # BEGIN BPS WordPress
    2 <IfModule mod_rewrite.c>
    3 RewriteEngine On
    4 RewriteBase /jlwp/
    5 RewriteRule ^index\.php$ – [L]
    6 RewriteCond %{REQUEST_FILENAME} !-f
    7 RewriteCond %{REQUEST_FILENAME} !-d
    8 RewriteRule . /jlwp/index.php [L]
    9 </IfModule>
    10 # END BPS WordPress

    Can you see the difference in lines 4 and 8 between the two files above? The second default one which WordPress creates and which my site works with points to the subfolder WP is installed in on my domain. This made me wonder is there a line or two in the standard secure BPS .htaccess file that is created that needs to be edited to have this subfolder jlwp listed to work

    Many thanks,

    K

    Plugin Author AITpro

    (@aitpro)

    11 years, 3 months ago

    BPS assumes you are using a standard WordPress setup (regular root and subfolder WordPress installations and Giving WordPress Its Own Directory installations) to create the .htaccess files and code. BPS uses whatever WordPress settings you are using. If you are doing something else that is unusual then you can make manual modifications for whatever other customizations you are making|have made. AutoMagic works based on your WordPress settings so if you are doing something different then you can use AutoMagic to create the base Master secure.htaccess file and then modify that Master file before you activate it.

    The BPS htaccess File Editor allows you to modify the Master secure.htaccess file to your unique customizations and save your customizations. Then you would go to the Security Modes page and activate Root folder BulletProof Mode.

    Plugin Author AITpro

    (@aitpro)

    11 years, 3 months ago

    BPS gets the WordPress settings from the WordPress Settings >>> General page:

    WordPress Address (URL)
    Site Address (URL)

    Thread Starter Site designer

    (@site-designer)

    11 years, 3 months ago

    Thank you for the quick response!

    I didn’t know I could modify the master secure htaccess file through WP so thank you for letting me know.

    I have done something unusual in that I have WP in a subfolder (there was a good reason for doing this when I first set it all up) but WP itself knows I have done this and so far I haven’t done any other customization of files. The .htaccess file I showed you before which works is the one WP creates itself when you modify the permalinks but I think because I have enabled BPS before, WP seems to think it now can’t modify the file itself (because of permissions maybe?) so it shows a message to say it is not writable when I save the permalinks file and that I have to cut and paste the code directly into my .htaccess file which is what I have been doing once I noticed the restored BPS default file was missing out the subfolder the installation is in and hence the site was not working.

    I’m a bit confused now as if BPS uses the WordPress settings then the secure file should work too as well as the restored defauult file. I have checked the settings/general page and both the wordpress and site address include the full path inc the subfolder.

    I suppose to simplify the question, there is a lot more code in the bps secure .htaccess file and it didn’t jump out at me which lines I needed to edit to make it recognize the subfolder path. Would you mind telling me which line(s) I need to edit in the bps secure .htaccess so that it recognizes the subfolder WP is installed in.

    Many thanks for all your help,
    K

    Plugin Author AITpro

    (@aitpro)

    11 years, 3 months ago

    hmm then BPS should be getting the subfolder name from those WordPress settings and creating it in your htaccess file. Not sure what that is not working on your site. It should since that is what the BPS code does.

    The manual edits that you want to make to the secure.htaccess file are:

    Change this...
# WP REWRITE LOOP START
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
...to this...
# WP REWRITE LOOP START
RewriteEngine On
RewriteBase /jlwp/
RewriteRule ^index\.php$ - [L]

Change this...
# END BPSQSE BPS QUERY STRING EXPLOITS
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# WP REWRITE LOOP END
...to this...
# END BPSQSE BPS QUERY STRING EXPLOITS
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /jlwp/index.php [L]
# WP REWRITE LOOP END
    Thread Starter Site designer

    (@site-designer)

    11 years, 3 months ago

    Thank you!!!

    Yes I was confused too by it not picking the information up from my WP settings. I tried the bps .htaccess editor on the root file to make the changes after unlocking it and then saving it and relocking it. Said it was successful but when I tested it I was back to having those 404 errors. So I went through my domain cpanel file editor and found the changes were not there and hadn’t been saved so I manually edited them and now hooray website is back up and running with bps protection.

    Last question and thank you for all your help with this.

    Will I need to redo these edits each time I update the plugin?

    Best Wishes,
    K

    Plugin Author AITpro

    (@aitpro)

    11 years, 3 months ago

    Ok then BPS is getting the correct WordPress settings, but the actual file writing and/or file copy is being prevented by something either that you have installed on your website or more likely a server configuration setting (open_basedir, a jail of some kind, something else) or the Owner of the root folder is not the same Owner as your other WordPress folders.

    The answer to your question would be no you would not have to do anything when you update BPS in the future, BUT from time to time we may either make corrections to the BPS root .htaccess file automatically or add new security rules automatically. That would of course not work on your website/server since something is preventing BPS from being able to do file writing and/or file copying.

    Plugin Author AITpro

    (@aitpro)

    11 years, 3 months ago

    Actually you may have to manually change the BPS htaccess file version numbers manually when you update BPS. Normally this is done automatically during an update, but if BPS cannot write to the root .htaccess file then the version number in the root htaccess file will not be updated automatically.

    Thread Starter Site designer

    (@site-designer)

    11 years, 3 months ago

    This is the weird thing though, it DOES write to and save the file on my server. If I use the Automagic buttons and deactivate the bps .htaccess it overwrites the file with the standard default WP .htaccess file (but missing the subfolder settings specific to my installation). If I activate it the whole file is overwritten on the sever with a bps secure .htaccess file (but missing the subfolder settings). If I use the .htaccess editor after unlocking, editing and then locking the file, it says it has saved it but doesn’t update my server with the subfolder settings added. I have no idea why this is so. If it was locked and I think I am the only owner of all the files on the domain then automagic wouldn’t be able to overwrite the file on the server at all but it does. Strange huh?

    This is the version I think from the latest update I did.
    BULLETPROOF .51.6 >>>>>>> SECURE .HTACCESS

    Is the correct and latest version so I know if it is able to update the way it should be doing?

    Thanks again,

    K

    Plugin Author AITpro

    (@aitpro)

    11 years, 3 months ago

    Ok then I was wrong. The original issue/problem is still what is going on. So that means that BPS will be able to update the root .htaccess file version number and do any other automated things that occur during an upgrade.

    Plugin Author AITpro

    (@aitpro)

    11 years, 3 months ago

    What do you have for these WordPress settings? WordPress Settings >>> General page:

    Should look like this for a root site installation:
WordPress Address (URL) http://www.example.com
Site Address (URL) http://www.example.com

And this for a subfolder installation where WordPress is installed in a folder named /blog/:
WordPress Address (URL) http://www.example.com/blog
Site Address (URL) http://www.example.com/blog

And this for a Giving WordPress Its Own Directory (GWIOD) installation where WordPress is installed in a folder named /blog/:
WordPress Address (URL) http://www.example.com/blog
Site Address (URL) http://www.example.com
    Thread Starter Site designer

    (@site-designer)

    11 years, 3 months ago

    It’s set up like option 2 for a subfolder installation. Both the wordpress address url and site address url are the same.

    wordpress address (url) http://www.example.com/jlwp
    site address (url) http://www.example.com/jlwp

    I haven’t named the website example.com though lol.

    WordPress itself recognizes the folders as when it updates the .htaccess file for example by changing and saving the permalinks it does add the jlwp to the relevant lines. I think the file remained locked though after first enabling bps so even when I deactivated the secure .htaccess file and bps reverted to a default standard wordpress installation .htaccess file the file permissions or locking might still have been left on the .htaccess file. Hence why I had to manually add the subfolders to the relevant lines directly on the server from the .htaccess file WP wanted to update but couldn’t. (As you know ,when you try to save permalinks WP shows at the bottom of the screen the .htaccess file it creates) but in my case an error message saying If your .htaccess file were writable, we could do this automatically, but it isn’t so these are the mod_rewrite rules you should have in your .htaccess file. Click in the field and press CTRL + a to select all. The references to the jlwp folder were present in those lines it wanted me to cut and paste and secure bps mode had been deactivated on the root folder.

    Thinking back on all the steps I took after you suggested I change the permalinks, if I remember right when I deactivated both the wp-admin and root secure .htaccess files using magic buttons, then WP could save and update the files ie through changing permalinks. Through testing to try and figure out what the 404 problem was I found securing WP-admin didn’t seem to cause a problem with the 404 errors so I left that one re-enabled after that point. Maybe it still kept a permissions lock on the root file because it was enabled on the other file and hence WP couldn’t write to it.

    I’m not sure and hope I am not complicating things with the extra information. The main thing I’m trying to say is that WordPress itself seems to recognize the subfolder installation given the lines in the .htaccess file it generated and tried to update.

    Plugin Author AITpro

    (@aitpro)

    11 years, 3 months ago

    Yep that is the oddest thing of all since we are using the same code that WordPress uses to get and create the htaccess code. So not really sure what the issue/problem could be. Strange???

Viewing 15 replies - 1 through 15 (of 17 total)
1 2

The topic ‘404 Error’ is closed to new replies.