WordPress.org

Ready to get started?Download WordPress

Forums

BulletProof Security
[resolved] Not able to access wp-admin (13 posts)

  1. nickandrea19
    Member
    Posted 1 year ago #

    Recently, I have tried implementing BPS on two sites and they have both broken in the same way. I add my custom code to the third window down in the custom code area, like so:

    RewriteEngine On
    RewriteCond %{HTTP_HOST} ^ashevillecommunityyoga\.com$ [NC]
    RewriteRule ^(.*)$ http://www.ashevillecommunityyoga.com/$1 [L,R=301]
    RewriteBase /
    RewriteRule ^index\.php$ - [L]

    Then, I create default.htaccess file, then secure.htaccess file. Then, I active security mode for website root folder, selecting BulletpProof Mode. Then, when I do it for wp-admin folder it kicks me out and won't let me log back in. I'm not sure what's going on. Is there something wrong with my code?

    I have used this same code schema for the last several sites I've done and activated BPS without trouble Thanks.

    http://wordpress.org/extend/plugins/bulletproof-security/

  2. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    You would actually NOT want to add this code to BPS Custom Code and would instead need to modify your root .htaccess file directly with the BPS built-in htaccess file editor.

    Find this code in your root .htaccess file...

    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]

    ...and then replace that code with your code...

    NOTE: Also you need to put the RewriteBase above your non-www to www RewriteRule as shown below.

    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTP_HOST} ^ashevillecommunityyoga\.com$ [NC]
    RewriteRule ^(.*)$ http://www.ashevillecommunityyoga.com/$1 [L,R=301]
    RewriteRule ^index\.php$ - [L]
  3. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Is the problem resolved? If so, please resolve this thread. Thanks.

  4. nickandrea19
    Member
    Posted 1 year ago #

    Hi there,

    Thank you for that tip. So, I can't enter that into the custom code box anymore, eh?

    Also, I did do what you said. However, the www version is redirecting to the non-www version. Isn't that code above supposed to accomplish the opposite? Is there another plugin that could be redirecting it? I don't see one, nor is any such code in the default .htacccess file, which only includes this code:

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    
    # END WordPress

    Thanks.

  5. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Ideally you should have that code inside of the WordPress htaccess rewrite loop. Adding that code as stand alone may or may not work correctly. Here is the logical problem I see with adding it outside of the WordPress rewrite loop.

    The rewrite would fine for the root level, but not for deeper URL links.

    example.com would redirect to http://www.example.com, but logically example.com/deeper-url would not redirect correctly to http://www.example.com/deeper-url

    Have you checked to make sure your WordPress Settings are correct?
    WordPress Address (URL)
    and
    Site Address (URL)

  6. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Also this is nick nack, but to be technically correct your Flags are reversed.

    [L,R=301]

    should be

    [R=301,L]

    Examples: http://forum.ait-pro.com/forums/topic/htaccess-redirect-www-to-non-www-htaccess-redirect-non-www-to-www/#post-1723

  7. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    What is the latest status of this issue? Thanks

  8. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    What is the latest status of this issue? Thanks

  9. nickandrea19
    Member
    Posted 1 year ago #

    Hey sorry I haven't had a chance to get back to this. Lots of projects going on at once. I will look at it on Monday. Don't feel compelled to keep up on it. Thanks.

  10. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    pending response

  11. nickandrea19
    Member
    Posted 1 year ago #

    Ok, now I notice that the www version of the site is redirecting to the non-www version. .htaccess code is still the same:

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    
    # END WordPress

    Wordrpess Address URL and Site Address URL are still both: http://ashevillecommunityyoga.com

  12. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Yes that is correct because that is what you are telling WordPress to do with the settings you are using.

    If you want www then add it in your settings links.

  13. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    And this confuses a lot of folks - WordPress does URL rewriting internally with php coding. If you are using an .htaccess file then it will take priority over the WordPress internal URL rewriting. In the case of setting your URLs to rewrite to a non-www URL and then having rewrite rules in your .htaccess file to a www URL this will cause a rewrite conflict since the rewrite rules will be contradicting each other.

    Typically when you add www to non-www or non-www to www rewriting in htaccess files you are doing this because you have old indexed pages in the wild that you want to have rewritten to the correct domain URL that you choose.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic