Forums

WordPress › Support » Plugins and Hacks

BulletProof Security
[resolved] Not able to access wp-admin (13 posts)

  1. nickandrea19
    Member
    Posted 3 months ago #

    Recently, I have tried implementing BPS on two sites and they have both broken in the same way. I add my custom code to the third window down in the custom code area, like so:

    RewriteEngine On
RewriteCond %{HTTP_HOST} ^ashevillecommunityyoga\.com$ [NC]
RewriteRule ^(.*)$ http://www.ashevillecommunityyoga.com/$1 [L,R=301]
RewriteBase /
RewriteRule ^index\.php$ - [L]

    Then, I create default.htaccess file, then secure.htaccess file. Then, I active security mode for website root folder, selecting BulletpProof Mode. Then, when I do it for wp-admin folder it kicks me out and won't let me log back in. I'm not sure what's going on. Is there something wrong with my code?

    I have used this same code schema for the last several sites I've done and activated BPS without trouble Thanks.

    http://wordpress.org/extend/plugins/bulletproof-security/

  2. AITpro
    Member
    Plugin Author
    Posted 3 months ago #

    You would actually NOT want to add this code to BPS Custom Code and would instead need to modify your root .htaccess file directly with the BPS built-in htaccess file editor.

    Find this code in your root .htaccess file...

    RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]

    ...and then replace that code with your code...

    NOTE: Also you need to put the RewriteBase above your non-www to www RewriteRule as shown below.

    RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^ashevillecommunityyoga\.com$ [NC]
RewriteRule ^(.*)$ http://www.ashevillecommunityyoga.com/$1 [L,R=301]
RewriteRule ^index\.php$ - [L]

  3. AITpro
    Member
    Plugin Author
    Posted 3 months ago #

    Is the problem resolved? If so, please resolve this thread. Thanks.

  4. nickandrea19
    Member
    Posted 3 months ago #

    Hi there,

    Thank you for that tip. So, I can't enter that into the custom code box anymore, eh?

    Also, I did do what you said. However, the www version is redirecting to the non-www version. Isn't that code above supposed to accomplish the opposite? Is there another plugin that could be redirecting it? I don't see one, nor is any such code in the default .htacccess file, which only includes this code:

    # BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

    Thanks.

  5. AITpro
    Member
    Plugin Author
    Posted 3 months ago #

    Ideally you should have that code inside of the WordPress htaccess rewrite loop. Adding that code as stand alone may or may not work correctly. Here is the logical problem I see with adding it outside of the WordPress rewrite loop.

    The rewrite would fine for the root level, but not for deeper URL links.

    example.com would redirect to http://www.example.com, but logically example.com/deeper-url would not redirect correctly to http://www.example.com/deeper-url

    Have you checked to make sure your WordPress Settings are correct?
    WordPress Address (URL)
    and
    Site Address (URL)

  6. AITpro
    Member
    Plugin Author
    Posted 3 months ago #

    Also this is nick nack, but to be technically correct your Flags are reversed.

    [L,R=301]

    should be

    [R=301,L]

    Examples: http://forum.ait-pro.com/forums/topic/htaccess-redirect-www-to-non-www-htaccess-redirect-non-www-to-www/#post-1723

  7. AITpro
    Member
    Plugin Author
    Posted 3 months ago #

    What is the latest status of this issue? Thanks

  8. AITpro
    Member
    Plugin Author
    Posted 3 months ago #

    What is the latest status of this issue? Thanks

  9. nickandrea19
    Member
    Posted 3 months ago #

    Hey sorry I haven't had a chance to get back to this. Lots of projects going on at once. I will look at it on Monday. Don't feel compelled to keep up on it. Thanks.

  10. AITpro
    Member
    Plugin Author
    Posted 3 months ago #

    pending response

  11. nickandrea19
    Member
    Posted 3 months ago #

    Ok, now I notice that the www version of the site is redirecting to the non-www version. .htaccess code is still the same:

    # BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

    Wordrpess Address URL and Site Address URL are still both: http://ashevillecommunityyoga.com

  12. AITpro
    Member
    Plugin Author
    Posted 3 months ago #

    Yes that is correct because that is what you are telling WordPress to do with the settings you are using.

    If you want www then add it in your settings links.

  13. AITpro
    Member
    Plugin Author
    Posted 3 months ago #

    And this confuses a lot of folks - WordPress does URL rewriting internally with php coding. If you are using an .htaccess file then it will take priority over the WordPress internal URL rewriting. In the case of setting your URLs to rewrite to a non-www URL and then having rewrite rules in your .htaccess file to a www URL this will cause a rewrite conflict since the rewrite rules will be contradicting each other.

    Typically when you add www to non-www or non-www to www rewriting in htaccess files you are doing this because you have old indexed pages in the wild that you want to have rewritten to the correct domain URL that you choose.

Reply

You must log in to post.

About this Plugin

About this Topic

Tags