Support » Plugin: iThemes Security (formerly Better WP Security) » Cannot write .htaccess

  • gregmurf

    (@gregmurf)


    Hi,
    i try to make some changes on iThemes Security but it says “.htaccess cannot be written”.
    “Allow iThemes Security to write on wp-config.php et .htaccess” is checked.
    .htaccess rights are 644.
    Any idea ?

    thanks 🙂

    • This topic was modified 2 months ago by gregmurf.
    • This topic was modified 2 months ago by gregmurf.
Viewing 15 replies - 16 through 30 (of 37 total)
  • nlpro

    (@nlpro)

    Ok, let’s do one step back to the original code (that worked):

    <?php
    
    /** WordPress Administration Bootstrap */
    require_once __DIR__ . '/admin.php';
    
    /** Only users with manage options capability allowed */
    if ( ! current_user_can( 'manage_options' ) ) {
    	wp_die( __( 'Sorry, you are not allowed to manage options on this site.' ) );
    }
    
    /** Write to a new test file */
    $result = ITSEC_Lib_File::write( '/var/www/html/wordpress/test1.txt', "This is a test.\n" );
    
    /** Check and show the result */
    if ( is_wp_error( $result ) ) {
    	 echo 'Error msg: ' . $result::get_error_message();
    } else {
    	 echo 'File writing ' . ( $result?'succeeded.':'failed.' );
    }

    Run the test to make sure this code works.

    If it still doesn’t work delete the current wp-admin/itsec-write-test.php file and make a new one. Probably best to copy/paste the code from this post into the new file. Then retry. We need to make sure we have a working test script before moving on to the next step.

    Once the script works again replace the string “test1.txt” with “.htaccess”. Nothing more, nothing less.

    Make sure you have a proper backup of the .htaccess file !

    Then retest.

    gregmurf

    (@gregmurf)

    I’ve delete itsec-write-test.php from wp-admin
    Then create a new one and paste the code.
    Then run the URL
    ==> File writing succeeded.

    Edit the script and just replace test1.txt by .htaccess
    ==> WP error

    nlpro

    (@nlpro)

    Ok, so the code is ok, but php cannot handle writing to the .htaccess file.

    What is the current file size of that .htaccess file ?

    gregmurf

    (@gregmurf)

    1.9k

    nlpro

    (@nlpro)

    Ok. Not big. Are you able to look into the email send to the site admin ? There may be additional php error info in that email.

    gregmurf

    (@gregmurf)

    That’s the problem: i receive everything (plugin disable, login access, etc…), but this error does not send anything..
    Thanks for your help !

    • This reply was modified 2 months ago by gregmurf.
    nlpro

    (@nlpro)

    Ok. It seems it doesn’t always send the email. Try and add the lines below to the wp-config.php file:

    define( 'WP_DISABLE_FATAL_ERROR_HANDLER', true );
    define( 'WP_DEBUG', true );

    Note: The WP_DEBUG line is already present in the wp-config.php file. By default it is set to false.

    With both WP constants set to true, retry.

    • This reply was modified 2 months ago by nlpro.
    • This reply was modified 2 months ago by nlpro.
    gregmurf

    (@gregmurf)

    More info:

    Deprecated: Non-static method WP_Error::get_error_message() should not be called statically in /var/www/html/wordpress/wp-admin/itsec-write-test.php on line 16
    
    Fatal error: Uncaught Error: Using $this when not in object context in /var/www/html/wordpress/wp-includes/class-wp-error.php:137 Stack trace: #0 /var/www/html/wordpress/wp-admin/itsec-write-test.php(16): WP_Error::get_error_message() #1 {main} thrown in /var/www/html/wordpress/wp-includes/class-wp-error.php on line 137
    nlpro

    (@nlpro)

    Ah, my mistake. But it’s also good news because the test script seems to be able to reproduce the issue. Which means we can continue debugging!

    Let’s correct the code mistake I made. Change the following line in the itsec-write-test.php file:

    echo 'Error msg: ' . $result::get_error_message();

    Into:

    echo 'Error msg: ' . $result->get_error_message();

    Undo the changes to the wp-config.php file.
    Then retest.

    • This reply was modified 2 months ago by nlpro.
    gregmurf

    (@gregmurf)

    Much better. Now:
    Error msg: /var/www/html/wordpress/.htaccess n’a pas pu être écrit. C’est peut être dû à un problème de permissions. Assurez-vous que PHP est lancé avec les permissions utilisateurs nécessaires pour écrire à cet emplacement.
    WP run with www-data, and WP directory is already “chowned” with chown www-data:www-data -R *

    nlpro

    (@nlpro)

    Ok, great. Thank you for the extra info. Let’s continue with debugging tomorrow 😉

    gregmurf

    (@gregmurf)

    ok 🙂

    nlpro

    (@nlpro)

    Goodmorning. Ok, let’s put some extra debugging code in the write() method of the better-wp-security/core/lib/class-itsec-lib-file.php file. This will help us understand what execution path is followed.

    The write() method makes use of 2 possible PHP file write functions (fwrite() or file_put_contents()).
    Below 3 extra lines of code that need to be added. You can ignore the 3 dots (…). They are only there to indicate there is other code before and after the code snippet. The $callable variable holds which of the 2 PHP write functions are available in your system.

    ...
    
    echo '<pre>';         //New line
    print_r( $callable ); //New line
    echo '</pre>';        //New line
    
    foreach ( $trial_perms as $perms ) { //Search for this line in the write() method.
    
    ...

    If you have any questions about this change let me know. Let’s do this step by step. First confirm the above change in the code. Once confirmed I’ll post a second code change. When both code changes for debugging are implemented we will run the test script (itsec-write-test.php ) and evaluate the output.

    • This reply was modified 2 months ago by nlpro.
    • This reply was modified 2 months ago by nlpro.
    gregmurf

    (@gregmurf)

    Hi 🙂
    i added the code at the en of the better-wp-security/core/lib/class-itsec-lib-file.php file.

    nlpro

    (@nlpro)

    Ah, it looks I haven’t explained it properly. Probably best to start using line numbers(#).

    Use this to help you find your way in the code.

    The 3 new lines need to be added right before line #154. Below the code line to search for:

    #154 foreach ( $trial_perms as $perms ) {

    The better-wp-security/core/lib/class-itsec-lib-file.php file starts with code for the read() method (#27-102). Next is the code for the write() method (#114-236). We will focus on the code between line #154 and #236 inside the write() method.

    The foreach line exists in both the read() and the write() method. Make sure to add the 3 new lines within the write() method (before line #154).

Viewing 15 replies - 16 through 30 (of 37 total)
  • You must be logged in to reply to this topic.