Can't activate WP-Admin

Resolved Miz.Michele
(@mizmichele)

10 years ago
I’ve been having issues so I wanted to clear .htaccess and start anew

I backed up .htaccess files for root and admin to my computer and deleted .htaccess files from server.

I use automagic buttons and have temporarily set to 777.

I am able to activate for root but not for admin no matter what I do.

I even put a blank htaccess in admin and that didn’t work. I tried to copy the generic code to it and that didn’t work. In the editor it shows blank for admin and secure admin.

ERROR: A valid BPS htaccess file was NOT found in your wp-admin folder. Either you have not activated BulletProof Mode for your wp-admin folder yet or the version of the wp-admin htaccess file that you are using is not the most current version. BulletProof Mode for the wp-admin folder MUST also be activated when you have BulletProof Mode activated for the Root folder. Please view the Read Me Help button above

Then I activate it after activating root and on top I see this
```
BPS Alert! A valid BPS htaccess file was NOT found in your wp-admin folder
BulletProof Mode for the wp-admin folder MUST be activated when you have BulletProof Mode activated for the Root folder.
Check the BPS Security Status page for more specific information.
Upgrade to BulletProof Security Pro
1,079,831 Downloads5 stars4 stars3 stars2 stars1 star
Rate BPS
```
But in the middle it says this,

BulletProof Security ~ htaccess Core
BulletProof Security wp-admin Folder Protection Activated. Your wp-admin folder is now protected with BulletProof Security.

Then I got back to security status page and on top is this
BPS Alert! A valid BPS htaccess file was NOT found in your wp-admin folder
BulletProof Mode for the wp-admin folder MUST be activated when you have BulletProof Mode activated for the Root folder.
Check the BPS Security Status page for more specific information.

I check the editor and my files via FTP and the admin .htaccess is blank.

I ven tried to copy the wpad admin file to the admin file and no luck.

Any suggestions because I’m stuck.

https://wordpress.org/plugins/bulletproof-security/

Viewing 8 replies - 1 through 8 (of 8 total)

Thread Starter Miz.Michele
(@mizmichele)

10 years ago
I read this threat http://wordpress.org/support/topic/plugin-bulletproof-security-w3tc-and-bps-not-playing-together-nicely but it didn’t help.

Now I have

ERROR: A valid BPS htaccess file was NOT found in your wp-admin folder. Either you have not activated BulletProof Mode for your wp-admin folder yet or the version of the wp-admin htaccess file that you are using is not the most current version. BulletProof Mode for the wp-admin folder MUST also be activated when you have BulletProof Mode activated for the Root folder. Please view the Read Me Help button above.

and
```
√ WordPress DB Show Errors Function Is Set To: false
√ WordPress Database Errors Are Turned Off
√ WordPress Meta Generator Tag Removed
√ WordPress Version Is Not Displayed / Not Shown
√ The Default Admin username "admin" is not being used
√ The WP readme.html file does not exist
<strong>The WP /wp-admin/install.php file is not .htaccess protected
```
```
√ An .htaccess file was found in your root folder
√ An .htaccess file was found in your /wp-admin folder

√ Your Root .htaccess file is backed up.
√ Your wp-admin .htaccess file is backed up.

Under file editor - both files for admin are still blank and in the htaccess file via ftp it's blank again.  It keeps wiping it out.
```
Plugin Author AITpro
(@aitpro)

10 years ago

777 folder permissions are not safe so change that back to 755. 777 folder permissions should only be used for brief/temporary testing and only when you have a DSO server type. Your server type is displayed on the BPS System Info page.

In a previous thread post you mentioned that you have mod_security enabled on your Server so my guess is that a mod_security SecRule or SecFilter is not allowing/blocking something in the wp-admin .htaccess file.

If you want a quick solution just to make the displayed BPS alert go away then you can do this (the logic is if mod_security is already protecting the wp-admin folder then you can live without BPS protection in the wp-admin folder):
Go to the htaccess File Editor tab page >>> click on the wpadmin-secure.htaccess >>> copy this line of code: # BULLETPROOF .50.1 WP-ADMIN SECURE .HTACCESS >>> click on Your Current wp-admin htaccess File tab >>> paste that line of code at the very top of that file >>> click the Update File button.

If you want to actually figure out what mod_security is blocking in the BPS wp-admin .htaccess file then you will need to contact your Host, send them a copy of the wp-admin .htaccess file and ask them what in that file/code is being blocked by mod_security on your Server/website.

Thread Starter Miz.Michele
(@mizmichele)

10 years ago

OK thanks. So strange that it was working until I deleted it. It is driving me crazy! Thanks

Plugin Author AITpro
(@aitpro)

10 years ago

The hardest things to figure out are changes that your Host makes on their Servers. Those changes will throw you for a loop because you assume it is something that changed on your website and not something that changed on the Server.

Thread Starter Miz.Michele
(@mizmichele)

10 years ago

I went ahead and pasted the default code in the editor in both places and saved it and now it is showing up as protected.

Strange.

Plugin Author AITpro
(@aitpro)

10 years ago

Cool. Most likely the way the wp-admin BulletProof Mode Form (clicking the Activate button) is submitting the file/data is triggering a mod_security SecRule or SecFilter. It is a POST Request so that data would be filtered by mod_security. By using the htaccess File Editor Form you are also submitting a POST Request, but the Form method/processing is a bit different so apparently mod_security is ok with that method.

Plugin Author AITpro
(@aitpro)

10 years ago

Also I am assuming that this has something to do with a mod_security SecRule or SecFilter, but it could be something else entirely like a Server security scanner app installed on the Server. In general, BPS .htaccess code and mod_security SecRules and SecFilters very rarely conflict with each other.

Thread Starter Miz.Michele
(@mizmichele)

10 years ago

It’s working. I waited until that site was order before reconfiguring the other site on the same server and I was knowledgeable about what to do and on the other site with the same permissions it took right away but I am going over everything.

Thanks a lot for the help. I really appreciate it.

Viewing 8 replies - 1 through 8 (of 8 total)

The topic ‘Can't activate WP-Admin’ is closed to new replies.

Tags