WordPress.org

Ready to get started?Download WordPress

Forums

iThemes Security (formerly Better WP Security)
[resolved] [Plugin: Better WP Security] Internal Server Error after messing with .htaccess Protection (27 posts)

  1. elimc
    Member
    Posted 2 years ago #

    My site was working great.
    I installed Better WP Security and it still worked.
    Then I decided to check all the options in the .htaccess Protection options area. I clicked save, and upon trying to go anywhere in the site I was left with the following:

    Internal Server Error

    The server encountered an internal error or misconfiguration and was unable to complete your request.

    Please contact the server administrator, webmaster@elimcmakin.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.

    More information about this error may be available in the server error log.

    Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.

    Even when I just visit my site (not logged in), the message pops up. I will attempt to remove my plugin folder and see what happens. What is strange is that I had nothing like this happen on my localhost, just on the server. I will post my results.

    My host is WPWebHost.

    http://wordpress.org/extend/plugins/better-wp-security/

  2. elimc
    Member
    Posted 2 years ago #

    I deleted the Better WP Security plugin and received the same Internal Server Error. So then I checked the server error logs:

    [30-Dec-2011 22:53:57] PHP Warning: uksort() expects parameter 1 to be array, boolean given in /home/elimcmak/public_html/wp-admin/includes/class-wp-themes-list-table.php on line 48
    [30-Dec-2011 22:53:57] PHP Warning: array_slice() expects parameter 1 to be array, boolean given in /home/elimcmak/public_html/wp-admin/includes/class-wp-themes-list-table.php on line 55
    [30-Dec-2011 22:55:59] WordPress database error Table 'elimcmak_eli.em_BWPS_lockouts' doesn't exist for query SELECT computer_id FROM em_BWPS_lockouts WHERE lockout_date + 3600 > 1325285759 AND computer_id = '24.227.222.62' AND mode = 2 made by activate_plugin, include_once, BWPS->__construct, BWPS->ll_checkLock

    My programming knowledge is a little limited at this point. Some help would be appreciated.

  3. elimc
    Member
    Posted 2 years ago #

    Additional:
    I tried to fix the problem on my own. I thought that if I delete the 3 tables that are related to the Better WP Security plugin, that might magically solve the problem. There was no improvement.

  4. elimc
    Member
    Posted 2 years ago #

    Update:
    So, I completely deleted my DB and everything in public_html and WWW. I still received the 500 Internal Server Error. This made me realize something else was going on. I did some net research and realized that the probably cause was the .htaccess file. This file had a permission of 644 on my site so it could not be seen by my browser. I downloaded it using FileZilla and edited it directly on my machine.

    I renamed the .htaccess file just to see if this would change things on the site and the site worked! In order to get the site back to normal, I had to delete everything in the .htaccess file that was inserted in there by Better WP Security. Then I uploaded the .htaccess file.

    I still do not know what caused the issue in the .htaccess file, but I am investigating.

  5. mr_swede
    Member
    Posted 2 years ago #

    I'm also having an issue where Better WP Security somehow altered my .htaccess file rendering my site to redirect to my site's home page when opening the login page.

    I ftp'd into my site, renamed the plugin directory and could finally get to the login page.

    After logging in I started go get a 500 error.

    Removing .htaccess made the site working again.

    Any others having had issues like this?

    EDIT: Found a thread that seem to address this (NOTE: I do not run a multi site):

    http://wordpress.org/support/topic/plugin-better-wp-security-broken-for-multisite

  6. Radek Kucera
    Member
    Posted 2 years ago #

    I have similar error. I only found changes in .htaccess IfModule mod_rewrite.c section. Can someone test it?

    Maybe some crash because I use WP super cache?
    `

  7. superharmonic
    Member
    Posted 1 year ago #

    Configure your FTP Client to "Show Hidden Files", probably in the "View" menu options. Hope it helps.

  8. Radek Kucera
    Member
    Posted 1 year ago #

    I have again this error. It´s connected with update of WP better security. Right now I do not know what in htaccess is broken, but look like there is no eror in code, but like it is wrong something with the file.

    Any other guys have problem Internal Server Error?

  9. mr_swede
    Member
    Posted 1 year ago #

    @bigdrobek

    What you could do is to check your wp-config.php file.

    I've experienced that BWPS altered the file by adding a blank space at the end of the file. Check that, fix it if it's there and try again.

  10. Radek Kucera
    Member
    Posted 1 year ago #

    only one think can repair this internal error

    1. delete folder in plugin
    2. upload old .htaccess from backup

    There is nothing wrong with wp-config.php

  11. KWentin
    Member
    Posted 1 year ago #

    i had the same problem today when i couldn't access my own site and got a 500 error message.

    when i looked into the .htaccess file I found this:

    # BEGIN Better WP Security
    Order allow,deny
    Allow from all
    Deny from
    Deny from 80.58.205.44
    
    <IfModule mod_rewrite.c>
    RewriteEngine On
    
    RewriteCond %{REQUEST_METHOD} POST
    RewriteCond %{REQUEST_URI} ^(.*)wp-comments-post\.php*
    RewriteCond %{HTTP_REFERER} !^(.*)kwent.in.* [OR]
    RewriteCond %{HTTP_USER_AGENT} ^$
    RewriteRule ^(.*)$ - [F,L]
    
    </IfModule>
    
    # END Better WP Security

    after i removed this everything started working again. no need to reinstall or anything, but can't quite say what's wrong with it.
    it obviously looks like it has been inserted by better wp security.

    any info?

    thanks!
    kwentin

  12. MoreGood
    Member
    Posted 1 year ago #

    I got the same thing too. It's the blank "Deny from" that is the issue. The plugin is not checking the $_SERVER['REMOTE_ADDR'] value to make sure it was valid before adding it to the .htaccess file.

    I have attacks on my site coming in with no IP. So if one of those gets blocked, it does no IP deny from, which blocks everyone.

  13. MoreGood,

    This error should be fixed in 3.2.6. Please let me know if you experience any more issues.

  14. Treebeard
    Member
    Posted 1 year ago #

    Same issue here, my site was fine for weeks, then over the weekend I found out is was down for over 12 hours. So I deleted the RewriteCond lines generated by Better WP Security from the .htaccess file, site came back up. I'm not sure why it decided to just stop working, but it was unsettling!

  15. Which line was it that caused the problem for you malawimama?

  16. Treebeard
    Member
    Posted 1 year ago #

    Oy, I forgot to update this thread!! I really don't think it was your plugin, because a day later, I ended up with issues again. Eventually, I deleted all security plugins that were installed and haven't had any issues since. Perhaps it was a conflict? After I deleted BWPS, the next day the .htaccess file started overwriting itself, every time I uploaded a new one, it would overwrite again, with code similar to this (it changed now and then):

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    
    # END WordPress
    x.php [L]
    </IfModule>
    
    # END WordPress
    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    
    # END WordPress

    It kept trying to write the rewrite rules again, even though I already had them in there.

    The plugins I deleted included iQ Block Country, Secure WordPress, Spammer Blocker, Broken Link Checker, and Email Address Encoder.

  17. Till Krüss
    Member
    Posted 1 year ago #

    Email Address Encoder doesn't touch the .htaccess file.

  18. Treebeard
    Member
    Posted 1 year ago #

    I was in a panic at the time, guess it's safe to reinstall that one (thanks). Tell you the truth, none of the other ones I deleted mention htaccess either, I didn't expect it to be effected, so was a shocker. Still not sure which of the others caused the issue, but I'm pretty sure I'll be installed the Better WP plugin again when I get some time, maybe just avoid the others then.

  19. Thanks for the follow up @malawimama. Sounds like an awefully weird issue there. I would be willing to bet it was another security plugin (a lot of us use .htaccess for our "magic").

  20. archonic
    Member
    Posted 1 year ago #

    I'm dealing with the same issue. Things seemed fine after enabling .htaccess protection but after the login was timed out, I'm getting a 500 error.

    I also have Broken Link Checker and am trying to restore my .htaccess to see if that was the conflict.

    I'm having trouble getting my site back online. Did you guys just delete the lines between Better WP Security begin and end?

  21. archonic
    Member
    Posted 1 year ago #

    I changed the name of the folder of Better WP Security and everything came back. Let you know if I find out what the issue is...

  22. archonic
    Member
    Posted 1 year ago #

    I'm now getting 500 errors the moment I network activate the plugin. I tried dropping the bwps tables but I'm not sure where the option for htaccess protection is stored. Anyone know where that would be? The only bwps tables I see are bwps_lockouts and bwps_log.

    Update: This is in my .htaccess and everything is fine. BWPS is deleted.

    http://pastebin.com/raw.php?i=KPPGwLUh

  23. 500 errors are almost certainly a conflict with another plugin's .htaccess rules.

  24. archonic
    Member
    Posted 1 year ago #

    My .htaccess has the bwps rules written regardless of plugin activation, yet activating the plugin causes 500 errors. Renaming or removing the plugin folder has the site back to normal.

    Any ideas?

  25. @archonic that is a strange one. Can you see in your error logs what specifically is causing the 500 errors?

  26. archonic
    Member
    Posted 1 year ago #

    I've commented out all lines of my .htaccess except those of BWPS's. It's still giving me 500 errors as long as the plugin is enabled. Even deleting .htaccess gives 500 errors as long as the plugin is enabled.

    The 500 errors aren't causing any error_log file activity in public_html but here's some server logs. This appears many times:

    [Wed Aug 29 18:12:55 2012] [warn] RewriteCond: NoCase option for non-regex pattern '-f' is not supported and will be ignored.

    This appears twice:

    [Wed Aug 29 18:13:02 2012] [error] [client 66.249.68.203] Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.

  27. Treebeard
    Member
    Posted 1 year ago #

    Well, I tried again, this time, very carefully turning on different options, and everything was fine last night, then today, the site was down again - both the admin and frontend, and this is the only plugin I had installed (deleted everything else, other than slideshows and aesthetics). Both the admin and frontend were just white pages.

    I deleted the plugin and everything is working again, so I think there's still something up with the code. If it ever gets fixed though, please send me a response, I'd like to give it another try in the future.

    Thanks!~

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic