WordPress.org

Ready to get started?Download WordPress

Forums

All In One WP Security & Firewall
[resolved] Can't ban (17 posts)

  1. SickSquirrel
    Member
    Posted 10 months ago #

    The plugin was unable to write to the .htaccess file. Please edit file manually.

    Either my permissions are incorrect or something in .htaccess is wrong. It is dated 9/19 as I installed the plugin then

    Here is my .htaccess file

    <IfModule mod_rewrite.c>
    ##BLOCKWP attacks
    RewriteEngine on
    RewriteCond %{REQUEST_METHOD} =POST
    RewriteCond %{HTTP_REFERER} !^http://(.*)?.mysite.com [NC]
    RewriteCond %{REQUEST_URI} ^/wp-login\.php(.*)$ [OR]
    RewriteCond %{REQUEST_URI} ^/wp-admin$
    RewriteRule ^(.*)$ - [R=403,L]
    </IfModule>

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>

    # END WordPress

    http://wordpress.org/plugins/all-in-one-wp-security-and-firewall/

  2. wpsolutions
    Member
    Plugin Author

    Posted 10 months ago #

    Just wanted to clarify - did the above error message occur when you were trying to activate the blacklist feature?

    Have you also tried activating one of the basic firewall rules to see if the rules are written to your .htaccess file?

  3. SickSquirrel
    Member
    Posted 10 months ago #

    I added two IPs to the blacklist when that error occurred. I didn't try the firewall rules but let me try now.

    Check this if you want to apply basic firewall protection to your site

    Saved, updated..

    Tried blacklist again:

    The plugin was unable to write to the .htaccess file. Please edit file manually.

    Under the main directory, .htaccess is chmod 644.

  4. wpsolutions
    Member
    Plugin Author

    Posted 10 months ago #

    After activating the basic firewall rule can you please check the contents of your .htaccess file by going to the "Settings" menu and then clicking the ".htaccess File" tab.
    View the contents of your file and confirm that you see some code starting with the tag:
    # BEGIN All In One WP Security
    and ending with the tag:
    # END All In One WP Security

    Also, can you paste an example of exactly what you are entering in the IP Blacklist box which is causing the error?

  5. SickSquirrel
    Member
    Posted 10 months ago #

    195.47.89.*

    My .htaccess file didn't change from above. Makes sense since it can't be written to per the above error.

    But it DID write to it as you can see, when I first set it up.

  6. wpsolutions
    Member
    Plugin Author

    Posted 10 months ago #

    But it DID write to it as you can see, when I first set it up

    No it didn't. That code with the ##BLOCKWP attacks is definitely not coming from our plugin.

    Have you confirmed that the .htaccess is definitely in the root folder of your WordPress installation?

    Also check the "error_log" files on your server by going to the following menu item of this plugin:
    Filesystem Security then click the Host System Logs tab.

    Then check if there are any recent logs which might be revealing some direct/indirect underlying problem relating to this matter.

  7. SickSquirrel
    Member
    Posted 10 months ago #

    It is under / for sure. As for logs ...

    No system logs were found

  8. SickSquirrel
    Member
    Posted 10 months ago #

    *.kyivstar.net is not a valid ip address format.

    *.kyivstar.net is not a valid ip address format.

    I added it once yet it errs twice. How do I ban 123.45.67-broadband.kyivstar.net or ,ru?

  9. wpsolutions
    Member
    Plugin Author

    Posted 10 months ago #

    Hi,
    123.45.67-broadband.kyivstar.net is not an IP address and as such the plugin will reject it.

    You should perhaps enter these in the "User Agents" box.

  10. SickSquirrel
    Member
    Posted 10 months ago #

    Yes, it is. Do you mean is isn't numeric? Some IPs are numbers and a name. Mine is like that but you can sometimes drop the name. If a static IP, they may not have numbers. I was squirrel.ipname.com for a decade. But you could get a numeric IP by doing a reverse IP lookup. So, are you saying I need a reverse IP lookup and only use numbers? Of so , that should Be in the directions with a lookup URL for newbies not aware what that is.

    If I'm wrong then please explain why that isn't an IP.

  11. SickSquirrel
    Member
    Posted 9 months ago #

    Any update to the plugin error?

  12. wpsolutions
    Member
    Plugin Author

    Posted 9 months ago #

    In order for the All In One Security plugin to process IP addresses for the blacklist, they must be in the standard numerical format.

    http://en.wikipedia.org/wiki/IP_address

  13. SickSquirrel
    Member
    Posted 9 months ago #

    You should put that in the instructions with links to reverse ip lookup. Some people way not know what that is or how to do that.

    I'm about to start using a bouncer to hide my real ip and it will be a static name like SickSquirrel.nmc.com ( made up but used as example).

  14. SickSquirrel
    Member
    Posted 9 months ago #

    The plugin was unable to write to the .htaccess file. Please edit file manually.

    IP was numeric. This continues to happen

  15. wpsolutions
    Member
    Plugin Author

    Posted 9 months ago #

    Assuming the address you entered is the correct format, it sounds like your server setup is not allowing you to write to the file.

    Let's try a test to confirm this.
    Go to the "Firewall" menu and enable "Basic Firewall Protection" checkbox and save the settings. (Confirm that no error occurred)

    If no error, go to the "WP Security->Settings" menu and view your .htaccess contents by going to the .htaccess File tab.
    Check if .htaccess contents contain the following:

    # BEGIN All In One WP Security
    #AIOWPS_BASIC_HTACCESS_RULES_START
    <files .htaccess>
    order allow,deny
    deny from all
    </files>
    ServerSignature Off
    LimitRequestBody 10240000
    <files wp-config.php>
    order allow,deny
    deny from all
    </files>
    #AIOWPS_BASIC_HTACCESS_RULES_END
    # END All In One WP Security

    If you cannot see the above content then you should ask your host provider why you cannot write to the .htaccess file.

  16. SickSquirrel
    Member
    Posted 9 months ago #

    File is the same I pasted before. Chmod 644. Host will take 10 days to answer if they do. I can edit the file by hand. Do I add your section above my text? If so, is there a conflict or duplicate with what is there?

  17. SickSquirrel
    Member
    Posted 9 months ago #

    Host says they "fixed" the issue. So I saved my ban list. Or tried to ...

    Nonce check failed for save blacklist settings!

    NOW what's wrong?

    Edit: I went to the other site with the .htaccess problem, saved the bans, and it worked. So I went back to the first site, saved,

    Settings successfully updated

    So what went wrong?

Reply

You must log in to post.

About this Plugin

About this Topic

Tags

No tags yet.