WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] [Plugin: AskApache] HELP!!! 404 Errors on all pages (6 posts)

  1. christinawiler
    Member
    Posted 3 years ago #

    I installed this plugin last night and it seems that it broke my site.
    http://wordpress.org/extend/plugins/askapache-password-protect/ I activated the plugin and clicked the 3rd "activate" link and my screen went white and after that I could not access my website any longer. Every time I tried I'd get a 404 error. I couldn't even get back in to the WP admin panel. I did go in to my FTP and delete an htaccess file that was created last night and that allowed me back in to the WP admin panel and it did allow my index page to show up but still no other pages are showing.

    I did a backup restore today to just try to put everything back to how it was 2 weeks ago and still I'm getting the 404 errors on all my pages.

    I'm still seeing all my pages in my FTP and in my WP admin - I'm just not sure what to do right now to get them back online.

    My website is: http://www.InspiredAdvantage.com.

    Thanks for your help in advance!
    Christina

  2. doctorcilantro
    Member
    Posted 3 years ago #

    wow, 5 days and not one response. How did you get your site back up though?

    One plugin I won't be installing until more reading...

  3. christinawiler
    Member
    Posted 3 years ago #

    I marked the "resolved" topic when I got it figured out so that's why I didn't get any responses.

    Apparently it did something to my permalinks and I just had to adjust them.

  4. millhhaus
    Member
    Posted 3 years ago #

    How did you fix your problem?

    I have just installed this plugin and are getting exactly the same issue. I cant even log into dashboard!

    Help.

  5. askapache
    Member
    Posted 3 years ago #

    There are only 2 files that this plugin modifies. It doesn't even access your database, or modify anything.

    The 2 files are a file named .htaccess in the same directory as your wp-config.php file. The second file is in your /wp-admin/ directory, so: /wp-admin/.htaccess

    If you restore from a year ago but do not remove the AskApache code blocks (each file has a block of code in between giant askapache banners. 1 block total for each file.) then you are dangerously unaware of this.

    If the giant askapache block is the only text in the whole file, delete the entire file. If it is not the only text in the whole file, just remove the giant askapache block of code. Do that to both of the 2 .htaccess files. Then your blog will be 100.00000% the same as it was.

    So, the ONLY issues then (ever reported) can ALL be fixed by doing that. This is true for every version since v1.

    The problems are all due to those 2 files, don't forget that. The common issues people have:

    • They aren't using SSH, and their FTP program or WebFTP program doesn't display .htaccess files without enabling hidden files first. See your programs docs for viewing hidden files.
    • People panic and instead of only removing the giant askapache code blocks, they just delete the entire file even though there was other text in the file ( coincedentally the most crucial code on your blog, the rewrite to index.php that makes WP work ).
    • People just delete the plugins folder, and disable the plugin, and don't realize its only those 2 files that need to be reverted to their previous state.

    Very Rarely you might actually have a serious problem that you will need to contact your hosting support to get fixed. This plugin goes a little too far in trying to force solutions to problems writing to the .htaccess files during the install / module activation/deactivation.
    In some cases, due to poor or super good security configuration of the web server, or php, the plugin can end up writing these 2 files as a different user then the user you use to ftp. Basically the HTTPD Server is a program that may be started by a special user like 'nobody' or 'apache' but your website directory is owned by your unique user and group.

    If the plugin succeeds in bypassing security to write these files as the user running the HTTP Server, that is basically an exploit, not good. So then maybe mod_suphp or mod_suexec are setup to execute the php binary as a different user, your user, but somehow the plugin bypassed that and wrote the file as the server process owner. What that does is a problem because you don't know the password of the server user, you can't login as that user, so that means you cannot delete those .htaccess files.

    Cool huh? In that case you must contact someone with the access-level permissions to change the owner and user back to yours so that you can revert the 2 files.

    @christinawiler

    By adjusting your permalinks wordpress will automatically rewrite the rules to your htaccess file. This will fix the problem that happens when the wordpress code block is deleted from the .htaccess file.

    It is entirely my fault for these problems, but I hope you will learn things about your site and servers security you didnt before. And having to contact your webhost is always good as it keeps them on their toes. The next version fixes these issues.

  6. dagmawi
    Member
    Posted 3 years ago #

    Thank you for the askapache member post. My site is back online now.

Topic Closed

This topic has been closed to new replies.

About this Topic