WordPress.org

Ready to get started?Download WordPress

Forums

iThemes Security (formerly Better WP Security)
latest update - no longer allows access to ANY sites (27 posts)

  1. 20pips
    Member
    Posted 1 year ago #

    I applied the latest update but now I cannot access ANY site with this plugin.

    whatever the update does it deletes the htaccess file in the process.. even if I put a backup htaccess file back it still fails to work..

    I updated 5 blogs before I discovered the problem.. I discovered the htaccess file was gone. I was not sure it was this update that was doing it, so i tested it out on another site and yes, the moment I update it deletes the file and no longer allows access to the site..

    obviously this was seen during the update testing, I hope the update was tested..

    So how am I to fix this so I can gain access to all my sites..

    obviously this update has rewritten something major..

    http://wordpress.org/extend/plugins/better-wp-security/

  2. thomas.fredriksen
    Member
    Posted 1 year ago #

    This happened to me as well!

    Seconds after clicking the Upgrade-button I got 500-errors when trying to access any part of my site.

    The .htaccess file looked like a mess, and deleting it didn't help.

    How can I get my site up running again? And why did this happen?

  3. thomas.fredriksen
    Member
    Posted 1 year ago #

    All right, I figured out what went wrong - and I think I know why.

    Everything after the salt-keys in wp-config.php got deleted, and I guess this happened because I have Norwegian language as default, and a comment in there stating that it's forced to Norwegian (this is done by the WP-team).

    My guess is that the function that parses and upgrades wp-config.php doesn't understand anything when it gets to this comment, thus crashing and breaking the file.

    Fix wp-config.php and your site should be fine

  4. 20pips
    Member
    Posted 1 year ago #

    NO.. No my sites... Mine is English...

    No HTACESS files exist after I attempted this, the config file looks fine..

  5. I'm sorry to hear this. Was there any error message during the update that would indicate what went wrong? If not, can you check the logs to see what crashed? I saw this message an hour ago and have tried about 20 updates without such and issue so I need to know what is going wrong on your servers to help.

  6. thomas.fredriksen
    Member
    Posted 1 year ago #

    I didn't get any messages, I was instantly locked out...
    The webhost I use doesn't allow customers access to the log files

  7. thomas, in your case, with the language, I could see where that would be a problem. I will try to get a list of languages to scan for the appropriate line in future versions. Can you please send me a working copy of your wp-config (minus passwords please) so that I can compare and try to prevent this from happening to anyone else?

    20pips, what about you, you're .htaccess has me slightly more worried as, while the languages can be addressed, I need a little more information to see what happened to you.

  8. 20pips
    Member
    Posted 1 year ago #

    My sites are all english, they are set to default:

    define('WPLANG', '');

    I have been able to fix all 6 of the sites affected by uploading a backup of my htaccess file and deleting the updated plugin from the plugin directory, and then uploading that directory from a backup I had of each one of my sites (lucky I only just did that last week)...

    So now I have all my sites with version 3.4.4

    I am unable to apply the upgrade as it deletes the htaccess file and installs the new plugin and then prevents me from being able to access the site.. and with the htaccess file gone its naturally creating a hole heap of other problems.

    Even if I delete the plugin, download and install it, it still does not work..

    It has been the best security plugin on the market but now it needs to be rolled back to the older version and redone again, as this update has obviously been rushed and is unsuccessful.

  9. 20pips, what host are you using? I'm up to about 20 upgrades on 3 different hosts without issue (I'm specifically trying to reproduce the issue you're experiencing). Do you have any access to error logs that might show where a problem has occurred?

  10. thomas.fredriksen
    Member
    Posted 1 year ago #

    All security rules in my .htaccess file was added again, in the middle of the existing security rules. Is that related to the wp-config problem, or could it be another issue? How do I send you my file?

  11. thomas, can you email it to me at info at bit51 dot com.

  12. appleseedexm
    Member
    Posted 1 year ago #

    I have the same issue, I renamed the plugin folder and my site works fine again now. Before, I guess it even crashed my Apache (loop?), because my server backend returned a 500, too. Logs only said that request got early terminated (nothing more).

  13. @appleseedexm which host are you on?

  14. sk8tavou
    Member
    Posted 1 year ago #

    Got the same error. I have this plugin in 4 websites but lucky for me i updated only on one.
    After this i got a huge 15 lines messages of errors and didnt have access to anything.
    I contacted hosting (namecheap) And they disabled it and told me that it made changes to htaccess and wp-config

    I love this plug in and i dont know what to do now :(

  15. 20pips
    Member
    Posted 1 year ago #

    Update:

    I have 4 hosting accounts and many blogs....

    I started slowly testing other blogs with other hosts, and they have been fine.. I have not updated all my blogs yet (I will be doing that this morning - one by one}

    The 6 blogs that went down that I have now recovered are with the host "NamesCheap"

    there does not seem to be an error recorded for the most part... however one of the blogs did record an error in the log file... So maybe this is a clue to what is occurring:

    (please note I removed my blog info from the error message, but that info simply points to the plugin, so it should not be needed to understand the error}

    [04-Dec-2012 03:05:15 UTC] PHP Warning: filetype() [function.filetype]: Lstat failed for (removed my blog info from here} /plugins/better-wp-security/inc/filecheck.php on line 492

    thanks

  16. M Szatkowski
    Member
    Posted 1 year ago #

    the newest update clears database settings in wp-config.php

  17. ClubDesign
    Member
    Posted 1 year ago #

    Had the same 500 Internal Error on my sites...

    I commented out the First line in the .htaccess and now everything seems to working again:

    # BEGIN Better WP Security
    # Options -Indexes

    Maybe this helps someone...

  18. 20pips
    Member
    Posted 1 year ago #

    I did another test with the blogs on namescheap and I get the same result..

    It deletes the .htaccess file

    it does place these two lines in the config file:
    define( 'BWPS_AWAY_MODE', true );
    define( 'BWPS_FILECHECK', true );

  19. 20pips
    Member
    Posted 1 year ago #

    And in addition to the above, once this occurs I cannot log back in, naturally because the .htaccess file is missing.. uploading a copy of the .htaccess file wont resolve the program..

  20. appleseedexm
    Member
    Posted 1 year ago #

    I'm on a host which is IMO internationally unknown ;)

    Well the strange thing on my site is, that the plugin itself causes the error and not a .htaccess. I have to disable the plugin to get the page running with still the same .htaccess running.

  21. appleseedexm
    Member
    Posted 1 year ago #

    Updated to v3.4.6 now. Everything working fine again, thank you very much!

  22. garethhodgen
    Member
    Posted 1 year ago #

    hi need help ASAP I updated a day ago but the update something is wrong

    here is the failure

    Warning: require_once(/home/groomfor/public_html/wp-content/plugins/better-wp-security/inc/setup.php) [function.require-once]: failed to open stream: No such file or directory in /home/groomfor/public_html/wp-content/plugins/better-wp-security/better-wp-security.php on line 156

    Fatal error: require_once() [function.require]: Failed opening required '/home/groomfor/public_html/wp-content/plugins/better-wp-security/inc/setup.php' (include_path='.:/usr/local/php53/pear') in /home/groomfor/public_html/wp-content/plugins/better-wp-security/better-wp-security.php on line 156

    can someone tell me how I can sort this so I can apply the new update it wont even allow me to get to the admin section of the site

    thanks

    gareth

  23. 20pips
    Member
    Posted 1 year ago #

    hi,

    I have a resolution for the hosting issue with this plugin that I mentioned above... I am going to start another thread as I think it will be of use to others if they have hosting with NameCheap

  24. @garethhodgen that looks as if your upgrade failed to download everything. Please try downloading all the files and putting them in your fbetter-wp-security folder. While rare, this does sometimes happen with the WordPress repository.

    @20pips I am very interested in what you find and I am trying to look into the error you posted above. My credit card rolls over on Monday after which I can get a test account on Namecheap to try all this.

  25. garethhodgen
    Member
    Posted 1 year ago #

    hi ive done that the site loads but all the pages I get a 404

    Not Found

    The requested URL /about/ was not found on this server.

    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

  26. garethhodgen
    Member
    Posted 1 year ago #

    i have changed my permalinks from post name to default that that seams to have corrected the issue, could it be something to do with better-wp not allowing the .htaccess file to be unwritable?

    REgards

    Gareth

  27. M Szatkowski
    Member
    Posted 1 year ago #

    I've still got an error message.
    No description what happened.
    I'll better swap it with bulletproof plugin..

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.