WordPress.org

Ready to get started?Download WordPress

Forums

BulletProof Security
[resolved] Resetting Permissions to Bullet Proof's Recommendations Broke Website (7 posts)

  1. rachelpeterson
    Member
    Posted 1 year ago #

    Hi,
    My website is hosted on Fatcow (unfortunately). I backed up by DB via phpadmin and site files via FTP prior to installing your plugin. My site worked fine after that. Then I went to my file manager on fatcow and changed the .htaccess, wp-config, wp-header, etc files to your recommended permissions. Then my site completely went down with a 404 Forbidden error.
    I reinstalled my back ups of the files and the database but that didn't restore the site. The files are now back up and the site is viewable but Fatcow has been unable to restore the database. Their import/export and backup instructions are so pitiful, it's likely I did not download the correct database files for my backup copy.
    Do you have any suggestions for me? I'd rather not have to rebuild this site.
    Thanks,
    Rachel

    http://wordpress.org/extend/plugins/bulletproof-security/

  2. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Double check that your root .htaccess file actually has 644 file permissions.

    I am not sure what your database has to do with the issue. BPS does not do/add anything to your database that would cause your site not to load. You should not have to do anything with your database and just change file permissions back to what they were before.

  3. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Or even simpler just delete your Root .htaccess file. That should take care of the problem, unless something else was done to other files.

  4. rachelpeterson
    Member
    Posted 1 year ago #

    I restored the permissions to fatcow's settings as soon the site broke. That did not fix the problem. Then the backups were restored. After that, my FTP files and the database were not able to communicate.

    Fatcow did another restoration of my database last night and the database is now working but most of my content and my edits to the css/php for the theme are gone. My plugins are all still installed, but none of them are activated.

    I wish I understood what happened here... every time I try to use a plugin that even mentions the .htaccess file, something horrible happens.

    Do you still think I should delete the .htaccess file from the root directory? That seems suicidal to me. Can you send me some links that explains how this works before I do something really stupid again?

    The .htaccess file's original permission was probably 644 (sounds right). I went by the list of permission settings from the BPS Security Log after I installed and set up the BPS plugin.

    Fatcow now has now set all of my file permissions to 755... Not sure why they did this.

    Please let me know if you have recommendations for me (besides finding a new host).

    Thanks,
    Rachel

  5. rachelpeterson
    Member
    Posted 1 year ago #

    Fatcow's tech support is assuring me that having all of my files set to 755 permission is secure.

    Can you tell me if I should trust this?

  6. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    The BulletProof Security Forum has lots of information about BPS: http://forum.ait-pro.com/ and the Blog site has a lot of information as well. The Blog info will eventually all be moved to the Forum. The Forum has a beefed up search feature - you can actually find what you are looking for. ;)

    755 directory and 644 file permissions is ok. Changing directory and file permissions are just an extra little security measure. This used to be more significant, but hackers have since figured out how to easily get around permissions so it is no longer really that important to change them.

  7. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Issue/problem Resolved.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.