Support » Fixing WordPress » WP 2.0 – htaccess overly aggressive? 404’s galore

  • I just sent this in an email to Ryan, but I thought I should probably post it here too, just in case anyone else is seeing it.

    http://www.randomthink.net/dump_env.html is a sample of my problem output. My issue is notably different from the others I’ve seen on the boards, in that not only do my permalinks work fine, but now WP is catching odd random other requests, even when the files/folders exist.

    Examples:
    http://www.randomthink.net/archives/2005/12/30/wordpress-20/ – works fine, comments are fine too. There is a /wordpress folder under randomthink.net where I house the files, so I’m a little surprised that a slug with wordpress in it was working okay. I did update to those two files that Ryan posted – the functions-post and classes, I believe, including rev 3396 of classes, so that might be fixing that.

    http://www.randomthink.net/tests/ – this isn’t a WP page or anything, but simply a directory with some html files and whatnot, and it loads fine.

    http://www.randomthink.net/gallery/ – my G2 install, works fine.

    http://www.randomthink.net/awstats/ – my awstats install. This one doesn’t work right. WP intercepts the request and gives me a pretty WP 404. I’ve tried adding index.php to the request (shown in the dump_env above), and it doesn’t work then either. It works fine if I turn on verbose rewrites with Ryan’s plugin.

    http://www.randomthink.net/awstats/icon/clock/hr1.png – a file deep within my awstats install path. Doesn’t work, is caught by WP. Technically, the icon folder under there is a symlink, but that option is on in Apache, and it works fine if I’m using verbose rewrites.

    http://www.randomthink.net/misc/ – a directory that’s closed to open viewing, with no index file. It gets intercepted by WP. However, if I put an index file in there (be it .html or .php), I get that file, so it’s a half-works.

    http://www.randomthink.net/misc/wow/ – a directory that’s explicitly open to everyone. Works fine, regardless of index existing there or not.

    It’s seems like a random crapshoot as to whether or not folders that are at the same level as my WP index.php file (which is now the root of my site) work or not.

    I’m fairly certain that this is due to the .htaccess file handing everything off to WP that fails the -f and -d tests. However, some of those things shouldn’t be failing that test, but seem to be, since WP gets the request.

    I’m a DreamHost customer, and they’ve asked that we run PHP as a CGI. I’ve even noticed comments in some of the WP code mentioning adjustments put in place for that. I’m not sure if that could be causing some of the problems.

    Any insight you could offer would be most appreciated. I’m really comfortable in and around a shell, as well as with PHP, so if there’s anything that needs to be altered or adjusted, let me know and I’ll get it in rather quickly.

    For now, if I turn on Ryan’s rewrite.php plugin, it just writes out the verbose rewrites and all is well. However, I’m going to keep that off for the moment so you can go poke at things, should you so desire.

    As an aside, I’ve noticed that sometimes I can turn on the verbose rewrites, pull up my awstats page, then turn the verbose rewrites back off and continue to look at my stats, including a full refresh, so long as I don’t close my browser. That one could be that my awstats are guarded with basic auth, and something about being authenticated might be making the request go through past the -f and -d checks. That doesn’t make sense, but not much else has made sense with this issue so far, so I’m not surprised.

    Thanks again for any help and/or insight you can offer.

Viewing 15 replies - 1 through 15 (of 25 total)
  • I`m having the same problem.I am also at dreamhost and I cannot get to my statistics folder.Wordpress catches it and sends me back to the index.php
    I replaced it with my previous .htaccess (which was much bigger than the new one btw) and it worked but it broke the permalinks.
    My new .htaccess :

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php
    </IfModule>

    # END WordPress

    All the other folders work correctly except for my statistics folder (where I installed awstats)

    anyone know how to solve this?

    I could do with help on this as well

    I’m having the same problem here, where I have wordpress in the domain root and awstats in a subdirectory. When trying to view the subdirectory, instead I get the blog homepage.

    .htaccess help would be much appreciated!

    FIXED! Thanks to user “ronrapp” on the Dreamhost knowledge base (https://panel.dreamhost.com/kbase/index.cgi?area=796), here’s a way to get WordPress 2.0 to allow real subdirectories to work while WordPress is in the root.

    The root .htaccess file has the following three lines added into the middle of the wordpress block, where “stats” is the name of the non-WordPress subdirectory:


    RewriteCond %{REQUEST_URI} ^/stats/(.*)$ [OR]
    RewriteCond %{REQUEST_URI} ^/failed_auth.html$
    RewriteRule ^.*$ - [L]

    So, the root .htaccess should look like this:


    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_URI} ^/stats/(.*)$ [OR]
    RewriteCond %{REQUEST_URI} ^/failed_auth.html$
    RewriteRule ^.*$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php
    </IfModule>

    # END WordPress

    Then, you can add a .htaccess and .htpassword into the subdirectory to password protect it, and it works fine. (Details are available elsewhere).

    I was also able to use this to have a root-level blog (www.blog.com) and a password-protected subdirectory blog (www.blog.com/blog2). Things seem to work fine.

    Hope that helps, since I think many people are having this problem.

    Addendum: The fix above only works if you modify the .htaccess file via the root WordPress blog! You can’t modify the .htaccess file directly (not by shell or ftp)

    To get there, go to your blog’s wp-admin -> Manage -> Files -> .htaccess

    Also, you will have to redo this step if you ever Update Permalink Structure (in Options)… For some reason, that rewrites the .htaccess from scratch.

    Ok, I’m sorry again, but the solution outlined above is only temporary. WordPress is free to modify the stuff in .htaccess listed between the “# BEGIN WordPress” and “# END WordPress” at any time, and eventually WordPress will overwrite the fix I proposed there.

    I don’t know too much about .htaccess so I don’t know if you can put the three lines outside of the WordPress block in .htaccess.

    So, to get it to work (for the moment, at least), I had to modify “wp-content/classes.php” which is what generates the WordPress block in .htaccess. I realize this isn’t good programming since now classes.php can’t be upgraded as easily (right?), but it works now and can be refixed later if needs be.

    Basically I adapted the directions of http://wordpress.org/support/topic/26121?replies=27#post-228334

    So here’s the fix, starting from scratch:

    1. Go to wp-content/classes.php, and search for “$rules”. You’ll find a section that looks like this:

    $rules = "<IfModule mod_rewrite.c>\n";
    $rules .= "RewriteEngine On\n";
    $rules .= "RewriteBase $home_root\n";

    2. After that last line, add the following 3 lines where “stats” is the subdirectory to be password-protected.

    $rules .= "RewriteCond %{REQUEST_URI} ^/stats/(.*)$ [OR]\n";
    $rules .= "RewriteCond %{REQUEST_URI} ^/failed_auth.html$\n";
    $rules .= "RewriteRule ^.*$ - [L]\n";

    3. Go to “Options -> Permalink” and update the permalink structure. Verify via “Manage -> Files -> .htaccess” that your .htaccess file now reflects the three lines within the WordPress block.

    4. Add password-protection to the subdirectory via an .htaccess and .htpassword within the subdirectory, as outlined elsewhere.

    Everything should work now! You may have to repeat these steps if an upgrade to classes.php comes out in the future.

    Sorry about the confusion — WordPress kept giving me false hope!

    Thread Starter brianarn

    (@brianarn)

    Modifying the php files directly isn’t a solution that I like, at all at all, because you have to repeat it if you ever upgrade. 🙂 I’d bet there’s a way to add those rules via plugin.

    Or, I tried this and while it oddly fixed my awstats access issue, I still can’t see stats or failed_auth or whatever. Try this out rather than a modded classes.php and let me know how it works for you. Paste the # WP Fix lines above your WordPress lines. WP won’t ever edit those.

    # WP Fix
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_URI} ^/stats/(.*)$ [OR]
    RewriteCond %{REQUEST_URI} ^/failed_auth.html$
    RewriteRule ^.*$ - [L]
    </IfModule>

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php
    </IfModule>

    # END WordPress

    Edit: I said this didn’t fix my stats problem, but now it has. I can see the stuff at /stats/ just fine, and I can also see my /awstats/ stuff just fine too. Awesome!

    Thread Starter brianarn

    (@brianarn)

    I’m just going to put this as a separate reply, because it’s awfully odd.

    So, now I’ve got those pieces in as listed above, and I said it worked. It turns out, it only kind-of works.

    Oddly enough, the browser I use makes a difference.

    Firefox: http://www.randomthink.net/stats/ – I get asked to authenticate, but it winds up redirecting to WP’s 404.
    Firefox: http://randomthink.net/stats/ – I get asked to authenticate, and it works fine.

    IE: http://www.randomthink.net/stats/ – I get asked to authenticate, and it works fine.
    IE: http://randomthink.net/stats/ – I don’t get asked to authenticate, as it seems to use my prior auth, and it works fine.

    So, it’s mostly working. I’m guessing that IE just drops the www somewhere along the way in the basic auth. Very weird.

    It’s an odd fix, and makes no sense that it works for my issue, since my issue was with /awstats and not much else, but hey. Too weird.

    Finally a fix that works for me! After upgrading to WP 2.0 my Dreamhost /stats/ directory was also unreachable (unless I deleted the necessary code in my .htaccess file… then permalinks wouldn’t work).

    At least I can access my /stats/ directory again. However non-existant subdirectories (eg.: http://www.escape-key.com/bloopybloopybloopbloop )and nonexistant files (eg.: http://www.escape-key.com/whatchoowant ) still redirects to the main index.php instead of giving a 404.

    Hey guys,

    Still on 1.5, but problem is fairly similar..

    I’ve previously used the fix listed above to get the DreamHost /stats/ page to work.
    I’m now trying to get awstats to work in cgi mode, but I can’t work out the htaccess rule to stop WP from grabbing it.

    Basically I’ve tried:

    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_URI} ^/awstats/(.*)$ [OR]
    RewriteCond %{REQUEST_URI} ^/failed_auth.html$
    RewriteRule ^.*$ - [L]
    </IfModule>

    But I still cannot get to:

    http://skit.id.au/awstats/cgi-bin/awstats.pl?config=skit.id.au

    WP still comes up with:

    Nothing Found!
    No blog entries could be located. If this error continues then please let me know!

    To those of you that are able to get to awstats, or you using cgi mode or static pages?

    Fixed, needed to chmod the directory to give web access. *slaps forehead*

    I think this may be the problem I am experiencing with the latest update. I can no longer get to my gallery subdirectory, though I specified it in the htaccess file.

    This is my post with code and links.

    What is the chmod command to give web access?

    Hi folks… I’m running WP2 on my root folder on Dreamhost and have the same problem accessing my stats. Can anyone help?

    I’ve tried the code below but no joy

    # WP Fix
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_URI} ^/stats/(.*)$ [OR]
    RewriteCond %{REQUEST_URI} ^/failed_auth.html$
    RewriteRule ^.*$ - [L]
    </IfModule>

    I should add that if I hack this code into the # BEGIN WordPress section, it does work. But then it will get deleted next time I change my permalinks (altho I guess I shouldn’t be changing them that often!)

Viewing 15 replies - 1 through 15 (of 25 total)
  • The topic ‘WP 2.0 – htaccess overly aggressive? 404’s galore’ is closed to new replies.