WordPress.org

Ready to get started?Download WordPress

Forums

BulletProof Security
[resolved] BPS Dashboard Options Page Won't Open (57 posts)

  1. Jose
    Member
    Posted 1 year ago #

    Hello,

    This is the story of what brings me here:

    I wanted to have G+ comments on my blog, so I downloaded Comments Evolved for WordPress plugin. It led me to install Php 5.3 + because my previous configuration was at 5.2, which was not compatible with this plugin.

    So I upgraded to 5.4 (single.ini) with my host, Bluehost.

    Php.ini file was created by Bluehost, and it wrote the php handler information into the public .htaccess file that already existed which BPS had created.

    I took the handler info from the top, deleted it and placed it under custom code in BPS to do the process over again.

    Problem: When creating the secure htaccess file for WP-Admin, BPS times out (although it creates the file as I see it through FTP).

    From this point forward, I cannot access BPS options through dashboard unless I remove the PHP handler information from the htaccess in my public Root...which consequentially makes Comments Evolved to stop working and remind me that it doesn't detect php 5.3.

    This is all very confusing to me and trust me I've searched and spent hours trying to find the right information.

    The same thing happens if I have bluehost create a php 5.3 or cgi single.ini....makes no difference. same symptoms.

    Any help is appreciated? I need to know how this is all related...but the above is all fact.

    Thank you!

    http://wordpress.org/plugins/bulletproof-security/

  2. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Ok let's narrow down the possible problems to zero in on the exact cause.

    Activate BPS Default Mode and add your 5.4 php/php.ini handler .htaccess code directly into the default .htaccess file using the BPS built-in .htaccess editor. You will be editing the "Your Current Root htaccess File", which will be a standard/default WordPress .htaccess file/code. Let me know the results at this point. If you are forced to do these steps via FTP then do them with FTP just to get to this point of testing.

    ...
    ...
    ...
    # The DEFAULT .HTACCESS file should be used for testing and troubleshooting purposes only
    
    add your php/php.ini handler .htaccess code here.
  3. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Also post the php/php.ini handler .htaccess code that you are using.

  4. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Also doing a general search I found a very similar situation/problem.

    http://wordpress.org/support/topic/php-version-difference-after-changing-it-at-bluehost-php-config?replies=3#post-4325312

    The problem and solution could be something as simple as this:

    I know that at Bluehost when you change the phpConfig that it will modify the .htaccess file in your main public_html folder.

    If this WordPress that you want to change is in a sub-folder, it might have it's own .htaccess that's causing it to not use the main one. Try to find the line of code in your main .htaccess for php 5.3 and copy it to the .htaccess where your WordPress is located.

  5. Jose
    Member
    Posted 1 year ago #

    Thank you AITpro. I already came across the link you sent and in this case it doesn't apply. I don't have multiple htaccesses/subfolders, just one site with this installation.

    The handler code that I am using right now is:

    AddHandler application/x-httpd-php54s .php

    That is the code that Bluehost puts atop the root htaccess file, which is probably the same as if I were to go through the custon code option within BPS...but I go through the custom code route through BPS anyway. Either way, I have tried both, and as long as that handler is in the htaccess, the BPS options will not open and time out in I believe a 1001 error.

    Another consequence of this PHP upgrade has been that my WP cron is not functioning. Scheduled posts were missed since this and now I have to do publish manually, which has led me to find temp solutions, namely an wpconfig alternative cron configuration which I have not yet tried.

    Let me do the first step you mentioned and I will repost. I will remove the handler through FTP to be able to access BPS options through WP dashboard, then active default and follow your steps.

  6. Jose
    Member
    Posted 1 year ago #

    BTW before coming on here I talked to Bluehost about this. They said PHP 5.4 single ini should be fine and it is actually where they are moving their customers to, but they couldn't tell me what the relation is between BPS, the PHP upgrade and perhaps the new commenting system.

  7. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Hmm interesting that there is some sort of timeout occurring. We have tested BPS up to PHP 6.0 and the PHP5.4 version we are currently testing with is PHP Version 5.4.7. So to answer your question there should not be any sort of incompatibility issue with BPS using PHP5.2.x, PHP5.3.x, PHP5.4.x or up to version PHP6.

  8. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Also to ensure that another plugin is not actually causing this problem then what you want to do is deactivate all other plugins and then see if BPS functions normally. Unfortunately, a very common problem that we see is some plugins load their scripts everywhere in the WordPress admin area - other plugin settings pages, WordPress settings pages, everywhere. ;)

  9. Jose
    Member
    Posted 1 year ago #

    @AIT Good to know. I am sure BPS works with these PHP versions, but I am here for help because I don't know how all of this is related.

    I haven't tried disabling plugins just yet. I tried the first step you mentioned:

    FTP'ed into root htaccess, removed php handler information so that I could access BPS options through WP dashboard.

    I also renamed php.ini to php.ini.bak (the php 5.4 ini Bluehost created)

    Went to BPS options, created a default root htaccess, went to built-in editor and added handler so that it now appears like this:

    AddHandler application/x-httpd-php54s .php
    
    #   BULLETPROOF PRO 5.D DEFAULT .HTACCESS      
    
    # If you edit the line of code above you will see error messages on the BPS Security Status page
    
    # WARNING!!! THE default.htaccess FILE DOES NOT PROTECT YOUR WEBSITE AGAINST HACKERS
    
    # This is a standard generic htaccess file that does NOT provide any website security
    
    # The DEFAULT .HTACCESS file should be used for testing and troubleshooting purposes only
    
    # BEGIN WordPress
    
    <IfModule mod_rewrite.c>
    
    RewriteEngine On
    
    RewriteBase /
    
    RewriteRule ^index\.php$ - [L]
    
    RewriteCond %{REQUEST_FILENAME} !-f
    
    RewriteCond %{REQUEST_FILENAME} !-d
    
    RewriteRule . /index.php [L]
    
    </IfModule>
    
    # END WordPress

    Then I activated default for root folder and confirmed through FTP that the htaccess looked like it does in the BPS editor.

    Tried to load BPS options through dashboard, and it time outs. I also tried it after renaming the php.ini back to its original name, and it times out.

    It only seems to be able to open BPS options if I don't have any handler information in the htaccess.

    Let me know what else you may think of.

    My frustration comes in not understanding well what information Bluehost creates within the php.ini file, and not understanding PHP in general. :(

  10. Jose
    Member
    Posted 1 year ago #

    Okay, I also tried to disable all plugins except BPS and tried to open BPS options through WP dashboard and it still stalls/time outs. I can only open it if I remove the php handler at this point.

  11. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Well unfortunately to me that means that your Host is doing something unusual with PHP5.4 (meaning not a standard default PHP5.4 Server installation or PHP5.4 Server configuration) or blocking something that is loading on BPS options page.

    Do your Server logs show what that might be?

  12. Jose
    Member
    Posted 1 year ago #

    I will try to talk to the host again. I have checked the logs and there were things there. Is it safe to list those errors here? I thought of sharing them with you earlier but wanted to go through some initial steps.

    Do you think that the WP-Admin htaccess needs the php handler information?

    I may have just sounded really stupid regarding this.

    Thank you

  13. Jose
    Member
    Posted 1 year ago #

    I asked that ^ because although I know the whole point of having a single.ini is that that htaccess file will work for the rest of the subfolders in case there are other htaccess files in those folders...

    So with there being one in WP admin, is there any conflict? Or like I said, does it need some custom code?

    thank you.

  14. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Yes, it is safe if you change your actual real hosting account name using xxxx's. WordPress has a Forum posting policy where it is ok to post snippets of code or log entries, but not ok to post excessive log entries or code (you would use pastebin for that) so just post no more than 10 log entries and wrap them in the code tags.

    No, the wp-admin .htaccess file does not need a php/php.ini handler and yes you are correct that using the single php.ini option means apply the php.ini settings sitewide based on the php/php.ini handler code in your root .htaccess file ONLY.

  15. Jose
    Member
    Posted 1 year ago #

    Thanks for the answer regarding php hander in WP Admin's htaccess. It was just a guess!

    Okay, as for the errors, unfortunately I have multiple errors for different folders, including public, admin, a plugin, and these are two errors for BPS folder, not sure if it relates to anything:

    [20-Aug-2013 01:04:18 UTC] WordPress database error Incorrect key file for table '/ramdisk/mysql/tmp/#sql_7a3b_1.MYI'; try to repair it for query SHOW COLUMNS FROM wp_terms made by require_once('wp-load.php'), require_once('/xxxxx/xxxx/wp-config.php'), require_once('wp-settings.php'), do_action('init'), call_user_func_array, AVH_EC_Core->handleInitializePlugin, AVH_DB->field_exists, AVH_DB->getFieldNames
    [20-Aug-2013 01:04:18 UTC] WordPress database error Duplicate column name 'avhec_term_order' for query ALTER TABLE wp_terms ADD <code>avhec_term_order</code> INT( 4 ) NULL DEFAULT '0' made by require_once('wp-load.php'), require_once('/xxxxxx/xxxxx/wp-config.php'), require_once('wp-settings.php'), do_action('init'), call_user_func_array, AVH_EC_Core->handleInitializePlugin

    If there is anything you can get out of that, let me know. I do notice a name of a plugin in these errors called AVH extended categories widget.

    I will uninstall it just because I don't like seeing it in the error logs.

  16. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    these php errors from your php error log just show individual problems with the 1 plugin. check your Apache Server logs too.

  17. Jose
    Member
    Posted 1 year ago #

    Not sure where to find that...Only options in control panel are error logs, and error pages (to customize them).

  18. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    I believe cPanel has a utility called Raw Access Logs, but that would probably not provide any clues.

    If your Host has bundled something into PHP5.4 or done some custom configuration stuff then the only person who would be able to provide an answer would be someone who has Administrator permissions to the Server. Without some sort of error to look at and without Administrator access to the Server it is pretty much impossible to figure out what is wrong.

  19. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    I did just think of a way to diagnose the problem using reverse engineering thinking.

    Do this:

    Add the php 5.4 handler so that the BPS options page will freeze/time out. While the page is frozen/hung, right mouse click and choose View Source to view the source code of the page. Wherever the source code of the page ends is where the problem is occurring.

    copy and paste the very last lines of source code here.

  20. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Do this and see what happens. FTP to your website and delete this file: /wp-content/bps-backup/logs/http_error_log.txt

  21. Jose
    Member
    Posted 1 year ago #

    Regarding the deleting the error log solution, I had tried that already before starting this post...I thought it would really help and was excited to maybe have fixed it...but it still timed out and didn't open options.

    The solution to look at the source sounds good. Let me do that today.

  22. Jose
    Member
    Posted 1 year ago #

    For the source solution:

    I opened BPS options so that it hung, but when I tried to get the source (on Chrome), the option to view page source was not "live". It was pale and unclickable. The only option was to view page info, which is something else, like credentials, cookies it has saved, etc.

  23. Jose
    Member
    Posted 1 year ago #

    Then finally it turned into a 524 error, time out

  24. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    The only reference I found for a Google Chrome 524 error is this: 524 - DNS lookup failure. This can happen if the DNS name for the origin host cannot be resolved. Check the DNS configuration for your origin host.

    So this could mean that one of the System Info checks is causing the hang due to maybe being blocked by some setting in PHP5.4 that your Host is using.

    What happens when you use the Firefox browser instead of Chrome?

  25. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Worth a shot to rule out that possibility.

    download the /bulletproof-security/admin/options.php file and cut the entire System Info page out of the options.php file.

    Cut the code out of the options.php file from code line 2154 to 2505

    <div id="bps-tabs-4">
    ...
    ...
    ...
    <?php } ?>
    </div>

    Then upload the options.php file back to the /bulletproof-security/admin/options.php folder and overwrite the options.php file.

  26. Jose
    Member
    Posted 1 year ago #

    Okay, I will look into these things. Getting back on it now that the weekend is dying down. Hope you've had a good weekend. Will report soon.

  27. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Another factor in the equation could be mod_security. mod_security out of the box works fine with BPS .htaccess code. We test with mod_security and BPS .htaccess code on Development sites. We have seen mod_security issues where custom SecRules/SecFilters cause problems/conflicts when used with BPS .htaccess code and cause problems in general for other plugins and the general functionality of the site itself if the SecRules/SecFilters are doing something that is too restrictive or the SecRules/SecFilters have a misconfiguration somewhere.

  28. Jose
    Member
    Posted 12 months ago #

    Hi AIT,

    I hope you've had a good weekend. Okay, came back to it tonight. I've had to live with the problem, as long as my site is secured...but it keeps me from messing with categories/permalinks because then it resets BPS, and I have to go in there again, activate it, then add the handler in through FTP, etc. So it is something I need to figure out. Otherwise, I don't go into BPS 'cause I can't. But given current configuration, site works well.

    So tonight, tried it on Firefox: same result. It hangs, loading forever.

    Going to try the system info cut out and report back.

    Thank you for everything, Jose.

  29. Jose
    Member
    Posted 12 months ago #

    Okay, I tried the next solution, to cut out tab 4 from options.php.

    I did so, and this time when going to BPS options, it did load something, unlike before. Before the whole page would just be blank. This time, it quickly loaded the WP top navigation bar, and the WP main navigation side menu. The content of the page stayed white, and it stayed loading.

    Before going to the next solution you provided, what did that tell you?

    I am going to upload the original options.php for now, until I hear from you.

    Thank you,
    Jose

  30. AITpro
    Member
    Plugin Author

    Posted 12 months ago #

    The only other thing I can think of to try is to use the WordPress DEBUG Constants to try and figure out what is not working.

    In your wp-config.php file add or change these Constants as shown below.

    /**
    * For developers: WordPress debugging mode.
    *
    * Change this to true to enable the display of notices during development.
    * It is strongly recommended that plugin and theme developers use WP_DEBUG
    * in their development environments.
    */
    define('WP_DEBUG', true);
    define('WP_DEBUG_LOG', true);
    define('WP_DEBUG_DISPLAY', true);

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic