plugin removing code in htaccess file causing 404 errors | WordPress.org

Resolved 5high
(@5high)

10 years, 2 months ago
Hi,

Our site has recently had an issue with a plugin writing incomplete code and/or totally removing the WP bit, namely this bit:
```
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
```
from the .htaccess file… causing either 500 or 404 errors and the site to crash.

So firstly, if it’s this plugin that’s doing this, it may be a bug that needs fixing (if others are having the same problem?) and secondly, I’d like to know if this pugin does in fact require write access to the .htaccess file? – if not, then I thought I could try securing it using the Better WP Security plugin settings.

Dose anyone know?

Many thanks 🙂

https://wordpress.org/plugins/duplicate-post/

Viewing 5 replies - 1 through 5 (of 5 total)

Plugin Author Enrico Battocchi
(@lopo)

10 years, 2 months ago

Hi,
no, my plugin doesn’t touch .htaccess even to read it. I’ve never received any bug report regarding .htaccess, so I don’t really think my plugin is involved in this…

Hope this helps.

Thread Starter 5high
(@5high)

10 years, 2 months ago

Thanks – I’ll check the others too!

Thread Starter 5high
(@5high)

10 years, 2 months ago

Also please can you let me know if any of the following security settings (these are setting options in Better WP Security) will effect how this plugin works?…

Server Tweaks:

1. Protect Files

Prevent public access to readme.html, readme.txt, wp-config.php, install.php, wp-includes, and .htaccess. These files can give away important information on your site and serve no purpose to the public once WordPress has been successfully installed.
(Warning: This feature is known to cause conflicts with some plugins and themes.)

2. Disable Directory Browsing

Prevents users from seeing a list of files in a directory when no index file is present.
(Warning: This feature is known to cause conflicts with some server configurations in which this feature has already been enabled in Apache.)

3. Filter Request Methods

Filter out hits with the trace, delete, or track request methods.
(Warning: This feature is known to cause conflicts with some plugins and themes.)

4. Filter Suspicious Query Strings

Filter out suspicious query strings in the URL. These are very often signs of someone trying to gain access to your site but some plugins and themes can also be blocked.
(Warning: This feature is known to cause conflicts with some plugins and themes.)

5. Filter Non-English Characters

Filter out non-english characters from the query string. This should not be used on non-english sites and only works when “Filter Suspicious Query String” has been selected.
(Warning: This feature is known to cause conflicts with some plugins and themes.)

Header Tweaks:

6. Remove EditURI header

Removes the RSD (Really Simple Discovery) header. If you don’t integrate your blog with external XML-RPC services such as Flickr then the “RSD” function is pretty much useless to you.
(Warning: This feature is known to cause conflicts with some 3rd party application and services that may want to interact with WordPress.)

I’m just trying to improve my wp security, having had these issues with the .htaccess file changes, and am trying to follow recommended ‘wp hardening’ strategies. Might also be useful for others to know this info too?

I look forward to your comments – many thanks.

Plugin Author Enrico Battocchi
(@lopo)

10 years, 2 months ago

Hi,
I think no setting from that list should affect my plugin.

Thread Starter 5high
(@5high)

10 years, 2 months ago

Thanks lopo 🙂

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘plugin removing code in htaccess file causing 404 errors’ is closed to new replies.

Tags

In: Plugins
5 replies
2 participants
Last reply from: 5high
Last activity: 10 years, 2 months ago
Status: resolved