WordPress.org

Ready to get started?Download WordPress

Forums

BulletProof Security
[resolved] Can't Drag Widgets on Add-on Domain (11 posts)

  1. sweetmelody
    Member
    Posted 3 years ago #

    I've successfully installed wordpress for an add-on domain (according to this thread http://wordpress.org/support/topic/plugin-bulletproof-security-bps-and-simple-script?replies=3). However, I'm now facing other problems, such as: can't drag widgets and delete existing plugins (default WP plugins - Akismet, Hello Dolly).

    My link.

    Please help, thank you!

    http://wordpress.org/extend/plugins/bulletproof-security/

  2. AITpro
    Member
    Plugin Author

    Posted 3 years ago #

    This is common problem if you have not activated BulletProof Mode for your wp-admin folder. Both BulletProof Modes must be activated and used together: BulletProof Mode for your Root folder and BulletProof Mode for your wp-admin folder. If you have tried to activate BulletProof Mode for your wp-admin folder and it is not successful then you will need to take a look at the permissions of your wp-admin folder. All WordPress folders should have 755 permissions. If your folder permissions are set too restrictive then the wp-admin .htaccess file will not be allowed to be created in your wp-admin folder by BPS. Please verify physically that the .htaccess file exists for your wp-admin folder by either using FTP or your Control Panel to verify that the .htaccess file actually exists in your wp-admin folder. Thanks.
    Ed

  3. sweetmelody
    Member
    Posted 3 years ago #

    1. .htaccess file is in wp-admin, I found this /public_html/wp-admin/.htaccess but I don't know how to open it and see the codes.

    2. Both root and wp-admin BP modes are activated but still the same.

    3. I have 4 sites including this - one main and 3 subs. The previous 2 subs were fine after installation but not the latest one.

    4. I didn't install BP plugin to the latest site yet.

    Kindly advise, thank you very much!

  4. AITpro
    Member
    Plugin Author

    Posted 3 years ago #

    I looked back through the history of posts in this BPS forum and i see that you have asked this same question about the wp-admin htaccess file several times for different or new websites that you have added or are adding. So i think what is going on is that maybe you are not aware that each website will have it's own .htaccess files. Your 1. question above is saying that you are looking at the .htaccess file for a website that is in your root domain. If this new site is in another folder then the folder path you should be looking in to view the .htaccess file for that website would be something like this /public_html/your-add-on-domain-folder/wp-admin/.htaccess. As an example if you had 5 different websites / add-on domains under one hosting account then you would have a total of 10 different .htaccess files for all of your websites. When you install BPS on a new website and you use the AutoMagic buttons to create your Master .htaccess files. Those Master .htaccess files are created specifically for each website and when you Activate BulletProof Modes then you are copying those Master files to the root and wp-admin folders for just that specific website. Each website under your hosting account should have two .htaccess files - one in the root folder for that site and one in the wp-admin folder for that site. Now when i say root folder this is exactly what that means. The root of your DOMAIN or root of your HOSTING ACCOUNT is /public_html/ if you have a website installed in the root of your domain / hosting account then the root folder FOR JUST THAT SITE is also /public_html/. So if you have another site installed in a folder called /foo.com/ then the root folder for that website is /public_html/foo.com/. Every single website you have installed under your hosting account has it's own root folder. Each website that has BPS installed should have an .htaccess file in the root folder and the /wp-admin for that specific site. Example for website foo.com: /public_html/foo.com/.htaccess and /public_html/foo.com/wp-admin/.htaccess. I recommend that you use FTP to look at your websites folder structure. You can do this with your Control Panel, but with some hosts that use Plesk the CP can actually cause more confusion as to the true folder structure under your hosting account. By viewing your folder structure via FTP you should be able to see clearly where everything is and get a sense of the overall folder structure of your hosting account and physically see where all your websites are actually located. Then you can go through the folders and take a look to see that each root folder for each website should have an .htaccess file and each /wp-admin folder for each website should have an .htaccess file. Hopefully all this explanation has gotten to the root of why you continue to have this issue when you add a new site. ;) You should be able to open your .htaccess directly when viewing them via FTP by double clicking them. Thanks.
    Ed

  5. sweetmelody
    Member
    Posted 3 years ago #

    I totally understand and I'm trying to say that there's no .htaccess files for my newly installed WP site (not found). What should I do? Can I send you a mail? Can you help by logging in my new site and have a look? Thank you very much for your detailed explanation.

  6. AITpro
    Member
    Plugin Author

    Posted 3 years ago #

    So are you saying that when you click the Activate BulletProof Modes buttons that no .htaccess files are copied to your new sites folders? If that is the case then this is either a permissions issue with the folders for that site or it could be a suPHP issue. See this forum post >>> http://wordpress.org/support/topic/plugin-bulletproof-security-feature-suggestion-to-avoid-403-errors?replies=8

    So for troubleshooting purposes check the folder permissions for you new website they should be 755. All WordPress folders should be 755. Manually download these BPS Master .htaccess files - secure.htaccess and wpadmin-secure.htaccess. Add the correct RewriteRule and RewriteBase to the secure.htaccess file IF NECESSARY. If your new site is in a folder called /public_html/foo.com/ then you do not need to modify the secure.htaccess file's RewriteRule and RewriteBase. If your new site is in a folder called /public_html/foo.com/new-blog-folder/ then you will be modifying the secure.htaccess file and adding the RewriteRule and RewriteBase for this new site. They would be: RewriteBase /new-blog-folder/ and the RewriteRule would be RewriteRule . /new-blog-folder/index.php [L]. Then you will upload the the secure.htaccess file to the root folder of THIS NEW SITE and rename the file to just .htaccess. Upload the wpadmin-secure.htaccess file to the wp-admin folder for THIS NEW SITE and rename the file to just .htaccess. If your host is using suPHP then you will need to make sure the file permissions are 644 for each of these .htaccess files you have manually uploaded to your new site. Also i just thought of something else. BPS looks at your WordPress General Settings page for each site and will then write the path if finds there to your .htaccess files when you click AutoMagic. If you have incorrect information there then BPS will not write the correct information to your .htaccess files. I don't think this would screw up the copy of the files, but i have seen issues in the past where people named add-on domain with very strange info in General Settings like www.blog.website.com. This is a NO GO using 2 domain prefixes. Also if you host is blocking the copy function then you need to contact them, but since you have other sites that you have activated BulletProof Modes and not had a problem then this is not the likely problem. Thanks.
    Ed

  7. sweetmelody
    Member
    Posted 3 years ago #

    Hi Ed, I've emailed you its further progress. Kindly check your mailbox, thank you!

  8. AITpro
    Member
    Plugin Author

    Posted 3 years ago #

    This problem was resolved. It had to do with the installation of WordPress itself. Something was not right with WordPress so a reinstall of WordPress fixed the issue.

  9. moniquevanzyl
    Member
    Posted 3 years ago #

    Hi,

    I am hoping that someone can help me, i am new at all of this and am learning as i go. I have created my own theme and it is all working on WP 3.2.1 and i work on Firefox 5.0. None of my plugins that i have uploaded work and i can't activate any widgets. I have tried switching back to the Twenty Ten theme and i still can't drag and activate my widgets, i have also deactivated all my plugin and then tried to activate my widgets and still nothing.

  10. Roy
    Member
    Posted 3 years ago #

    Monique, when you're not using the BulletProof Security plugin, you might want to start a tread of your own.

  11. AITpro
    Member
    Plugin Author

    Posted 3 years ago #

    The problem you are describing is what happens when BulletProof Mode has not been activated for your wp-admin folder. Check that first to see if this is the problem. Deactivating BPS does not take BPS out of the equation. The BPS plugin files themselves only handle plugin functions and other functions. The security that BPS delivers is in the Master .htaccess files that come with BPS or the Master files that you create by clicking the AutoMagic buttons. So what happens when you activate BulletProof Modes is that those Master .htaccess files are copied to your Root and wp-admin folders (you have to activate BulletProof Modes for both your Root and wp-admin folder for BPS to work correctly). So in order to take BPS out of the equation you need to Activate Default Mode and delete the wp-admin .htaccess file on the Security Modes page. This completely removes all BPS security from your site so this should be used for troubleshooting only. If taking BPS out of the equation allows you to drag and activate widgets then you will need to look at the BPS .htaccess files themselves to ensure they have the correct information in them about your site. ie the correct RewriteBase and RewriteRule. AutoMagic is designed to add the correct info about your site automatically so i recommend using AutoMagic. Then the next thing you need to look at is that the wp-admin .htaccess file is really being copied to your wp-admin folder when you activate BulletProof Mode for the wp-admin folder. You should get errors if the copy does not succeed, but i have come across several fly-by-night / rogue web hosts that have all kinds of screwed up and incorrect server configurations so it is better to FTP to your site or use your Control Panel to physically verify that the .htaccess file really exists in the wp-admin folder. Thanks.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic