WordPress.org

Support

Support » Plugins and Hacks » [Resolved] Forbidden Message

[Resolved] Forbidden Message

Viewing 15 replies - 1 through 15 (of 18 total)
  • Plugin Author AITpro

    @aitpro

    How have you denied all files/folder in .htaccess? Post the code you used.

    Thank you for prompt reply.
    I have two .htaccess file.
    One under the root file which bulletSecurity created.

    And another under /content/wp-content/.htaccess
    <Files *.php>
    Deny from all
    </Files>

    And i do alos have robot.txt file where these text are included.
    # global
    User-agent: *
    Disallow: /cgi-bin/
    Disallow: /wp-admin/
    Disallow: /wp-includes/
    Disallow: /wp-content/cache/
    Disallow: /wp-content/themes/
    Disallow: /wp-content/plugins/
    Disallow: */trackback/
    Disallow: /feed/
    Disallow: /comments/
    Disallow: /category/*/*
    Disallow: */trackback/
    Disallow: */feed/
    Disallow: */comments/
    Disallow: /*/feed/rss/$

    Thank You…

    Plugin Author AITpro

    @aitpro

    You could try something like this.

    SetEnvIf Request_URI "/some-plugin-folder/(.*).php$" whitelist
    
    <FilesMatch "\.(php|phps|php5|php4|php3)$">
    Order Allow,Deny
    Allow from env=whitelist
    </FilesMatch>
    Plugin Author AITpro

    @aitpro

    I checked your other posts and see that your website is being hacked repeatedly. The problem is the Mingle Forum plugin itself. It is pending a security fix. You might want to you use another Forum plugin like BuddyPress instead.

    http://wordpress.org/support/topic/what-happened-to-mingle-forum?replies=3

    @ait PRO
    Thank you for your support.
    So you mean mingle forum has vulnerabilities ?
    So when using buddyPress how will i edit the .htaccess file.

    Should i have to give allow access to this plugin ?

    Regards
    Pmuktan

    Plugin Author AITpro

    @aitpro

    The Mingle Forum plugin has been removed from wordpress.org for download, but the plugin support forum is still available. The link I posted above goes to another link that states that this plugin has had a known security vulnerability since April 2013. I really don’t know anything else, but I assume that WordPress has removed the plugin because it has a known security vulnerability that has not been fixed yet.

    If you remove the Mingle Forum plugin and install BuddyPress then you would use BPS just like you would normally without doing anything else. If you are asking about how to customize your additional .htaccess file then you would follow the example code I posted above…

    But here is what I think really needs to happen. Read this WordPress Codex link about what to do if your site is already hacked.
    http://codex.wordpress.org/FAQ_My_site_was_hacked

    I installed buddyPress but it say you need to activate buddypress theme.

    I want my theme as it is but want to use only forum as i am doing with mingle forum.

    When using mingle forum, i just used [migleforum] and the page got automatically activate.

    How can we do for buddy press.??

    Plugin Author AITpro

    @aitpro

    I believe you can use any Theme, but I am not a BuddyPress expert. You would need to ask the BuddyPress folks about that to get 100% confirmation. You can make the BuddyPress Theme notice go away by doing what is in the link below.

    Silence the “BuddyPress is Ready” Message in the WordPress Dashboard

    Plugin Author AITpro

    @aitpro

    Before doing anything else you should restore your website from a good backup that you know is 100% clean/not hacked. If you do not have a good backup then see the link below.
    http://codex.wordpress.org/FAQ_My_site_was_hacked

    If your site is hacked then the chances that there are still hidden backdoor hacker files somewhere on your site is 100%. Not 99% => 100%. Your site will continue to be hacked over and over until you restore it from a good backup or follow the instructions in the link above.

    I installed buddypress but how can i start my own forum and all??

    Plugin Author AITpro

    @aitpro

    Here is the Getting Started page
    http://codex.buddypress.org/getting-started/

    Here is the main BuddyPress Support page
    https://buddypress.org/support/

    As you know i had security issues mingle forum, now i am installing buddypress forum in my website.
    But the concern is How can i transfer all data such as topics and replies from mingle forum to buddypress forum.

    Is it possible to do that ?

    Your help is really appreciated.

    Regards
    Pmuktan

    Plugin Author AITpro

    @aitpro

    Yes, it is always possible to import data, but the real question is has someone already created an importer for Mingle to BuddyPress. It looks like bbPress has done this, but it looks like manual DB work is required. Can’t really offer much else in suggestions since these are not my areas of expertise or my plugins. 😉

    http://codex.bbpress.org/import-forums/

    Plugin Author AITpro

    @aitpro

    [deleted] horrible suggestion. 😉

    Plugin Author AITpro

    @aitpro

    I deleted my previous post since it was a horrible suggestion. I looked up the history of the Mingle Forum plugin and it is not good (that is being very kind). It is better to move forward and go with a solid/excellent (probably the best Forum plugin) BuddyPress.

Viewing 15 replies - 1 through 15 (of 18 total)
  • The topic ‘[Resolved] Forbidden Message’ is closed to new replies.