• So, my site crashed after upgrading this plugin. My site was down for a whole night since no support was ever made available. I had a copy of htaccess on my computer, so, since I’ve no tech skills to speak of, I thought of simply replacing the new one with the old just for the shit and laughs.

    It worked.

    Now I can access my dashboard and everything but it’s still kind of wonky. Wonky in that I get my login page and a 404 in the same window (the 404 is sort of a footer in this case).

    I thus managed in a very empirical way to narrow the issue down to the rewrite rules which now look as follows:

    # BEGIN Tweaks
        # Rules to block access to WordPress specific files
        <files .htaccess>
            Order allow,deny
            Deny from all
        </files>
        <files readme.html>
            Order allow,deny
            Deny from all
        </files>
        <files readme.txt>
            Order allow,deny
            Deny from all
        </files>
        <files install.php>
            Order allow,deny
            Deny from all
        </files>
        <files wp-config.php>
            Order allow,deny
            Deny from all
        </files>

        # Rules to disable directory browsing
        Options -Indexes

        <IfModule mod_rewrite.c>
            RewriteEngine On

            # Rules to protect wp-includes
            RewriteRule ^wp-admin/includes/ - [F]
            RewriteRule !^wp-includes/ - [S=3]
            RewriteCond %{SCRIPT_FILENAME} !^(.*)wp-includes/ms-files.php
            RewriteRule ^wp-includes/[^/]+\.php$ - [F]
            RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F]
            RewriteRule ^wp-includes/theme-compat/ - [F]
        </IfModule>
    # END Tweaks

    I leave this here for developers in the hope they might fix this issue, since renaming my wp_content folder doesn’t allow me to just delete the plugin and go on with my life. Btw, that option (change wp_content name) is missing from the dashboard.

    Greetings,

    Xondra

    https://wordpress.org/plugins/better-wp-security/

Viewing 1 replies (of 1 total)
  • Thread Starter xondra

    (@xondra)

    Hiding the backend def has something to do with the issue. Disabling the url protect option (wherein an attacker cannot execute scripts via url) also seems to help or to be involved in this.

  • The topic ‘I just narrowed it down to the rewrite rules of my htaccess file’ is closed to new replies.