Support » Plugin: Sucuri Security - Auditing, Malware Scanner and Security Hardening » Getting error Unable to properly scan your site. 404 Not Found

  • kelly20814

    (@kelly20814)


    Using the Securi WP plugin, I see this error:
    SUCURI: SiteCheck error: Unable to properly scan your site. 404 Not Found
    I have both http and https of my site online and I’m not seeing an error when scanning at https://sitecheck.sucuri.net/
    Can you please tell me what this means and how I can resolve?

    The page I need help with: [log in to see the link]

Viewing 12 replies - 1 through 12 (of 12 total)
  • carmpocalypse

    (@carmpocalypse)

    Hello @kelly20814

    Add this code snippet to your .htaccess file

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    This will force all web traffic to HTTPS. Currently, someone can visit your site via HTTP (not secure). Adding the code snippet to your .htaccess will redirect visitors to HTTPS.

    This should solve your issue.

    kelly20814

    (@kelly20814)

    Thank you. I was not seeing how someone could visit via HTTP. I added the code and now am seeing
    SUCURI: SiteCheck error: Rate limited. You are not allowed to make more scans per day. Contact support@sucuri.net if you think it was a mistake.
    after scan with the plugin. I will wait 24 hours to scan again and let you know if I have any more issues.

    @kelly20814

    Okay, hopefully everything works out.

    @kelly20814

    You also may want to add these HTTP Security Headers to your .htaccess as well:

    Header set Strict-Transport-Security "max-age=31536000; includeSubDomains"
    Header set X-XSS-Protection "1; mode=block"
    Header set X-Content-Type-Options nosniff

    thanks but can you please explain (or direct me to more info about) what that bit of code does and what problem it would address?

    Hmmmm….I added the additional lines of code to .htaccess file and it broke the site. Was seeing this error when I tried to go the site:
    “The server encountered an internal error or misconfiguration and was unable to complete your request.”

    So I took out the security header code, the site seems to be working, but when I go to Securi WP plugin to scan, I still get “SUCURI: SiteCheck error: Unable to properly scan your site. 404 Not Found”
    I did put in the “Rewrite Engine, etc..” code snippet to .htaccess file. Any other ideas?
    thanks

    @kelly20814

    In WordPress dashboard, under Settings -> General, There’s WordPress Address (URL) and Site Address (URL). Are both of them starting with https://

    Make sure it’s https and not http. See if that may resolve the issue?

    yes, they both start with https://
    they are different from each other. the wordpress address is https://www.dhandyman.com/wordpress
    which I didn’t intentionally set up but it is where the wordpress files are located.

    @kelly20814

    Sucuri scanner might be hitting the WordPress Address and returning the 404, because when you actually go to the link, it does redirect to a 404 page.

    Try changing the WordPress Address to match the Site Address. I assume your Site Address under settings is https://www.dhandyman.com

    So change the WordPress Address (URL) to https://www.dhandyman.com

    See if that resolves the issue.

    when I try to change the wordpress address to match the site address, it returns an erro: Internal Server Error
    The server encountered an internal error or misconfiguration and was unable to complete your request.
    and the change doesn’t stick.
    I’m noticing that there are actually 2 .htaccess files….one in the public html folder and one in the wordpress folder (i edited the second of these). Can you confirm which of the two I should be editing? thanks so much for your help

    @kelly20814

    So your install (WordPress) is a subdirectory of the public_html (root directory), makes sense why WordPress URL is domain.com/wordpress. Yeah, you would edit the .htaccess in the WordPress folder. The issue could be the install is a subdirectory and not installed in the root directory, maybe that’s why the scanner is returning a 404. I’m not sure though. You can contact Sucuri via their website and see if that’s a factor in the plugin and Sucuri’s Sitecheck feature returning a 404.

    But yeah, since your install is in a folder labeled WordPress as a subdirectory of the root directory of public_html folder, your WordPress Address (URL) should be https://www.dhandyman.com/wordpress. Also, you would edit the .htaccess file in the WordPress folder (like you said you were doing). Sorry for the confusion, I wasn’t clearly thinking (late night early morning – tired).

    Like I said, try contacting Sucuri via their website about it and let them know the plugin returns of a 404 when performing a scan and let them know about your site being installed in a subdirectory. You have better luck contacting them on their website than here. I haven’t seen anyone from Sucuri respond to the support forums here in a awhile.

    Although, I don’t have an issue with the plugin performing a scan in WordPress installs under subdomains so not sure what the issue could be.

Viewing 12 replies - 1 through 12 (of 12 total)
  • You must be logged in to reply to this topic.