WordPress.org

Forums

BulletProof Security
[resolved] Lock/Unlock Buttons (9 posts)

  1. Josh Carr
    Member
    Posted 1 year ago #

    Maybe I'm missing something here, but I looked in the .htaccess file editor tab and I don't have a lock/unlock button like I've seen mentioned previously. According to one of your other posts, this happens when my server is DSO and not CGI. I checked the system info and found that indeed, it's DSO.

    It's just a Ubuntu box that I'm administering via webmin. I'm not a sysadmin. I read up on the performance of DSO versus CGI... and it seems like DSO has the least stress on the server and CGI gives the best website performance. Does that sound accurate? From what I can see FCGI is the most advanced CGI solution right now. I assume that would do the same as CGI for this plugin, correct?

    Any suggestions as to where I can find more information about making the switch?

    http://wordpress.org/plugins/bulletproof-security/

  2. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    If everything is working already then do not worry about doing anything. DSO folder/file permissions are handled completely differently than CGI permissions so it is not necessary to lock files on a DSO Server. On a DSO Server Ownership is somewhat similar to file permissions on a CGI Server so you do not need to be able to lock files.

  3. Josh Carr
    Member
    Posted 1 year ago #

    The only reason I brought it up was the fact that I have to keep having to enable bulletproof mode after doing various things on the website. You had suggested (in a different thread) to lock the .htaccess file so that nothing would mess with it. Is there a different solution for the DSO server?

    Or am I missing something else completely?

  4. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Ok yeah the WP flush_rewrite_rules problem will continue to happen repeatedly if another plugin or theme is misusing this function (very common issue). This person in the Forum link below did figure out a way to lock files on a DSO Server.
    http://forum.ait-pro.com/forums/topic/allow-404-file-permissions-for-htaccess-files-dso/#post-1464

  5. Josh Carr
    Member
    Posted 1 year ago #

    Yeah. That's what it was, I forgot the specific issue, but I knew what needed to happen to fix it. :)

    I'm using all actively-developed plugins that should be smarter than to do something the wrong way (apparently not). Do you have a set of guidelines for plugin developers that I can point them to - in hopes that they would make their plugin compatible?

    Also, is there an easy way to figure out which plugins are responsible for the breakage without just watching for the error?

    I'll look at the link you shared (thanks) and figure out if it's worth the trouble. I doubt I have a choice, one of my admins keeps complaining about it...

  6. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Well WordPress states that the flush_rewrite_rules() function should ONLY be used during plugin/theme activation or deactivation, but what I see a ton of is: you click on a plugin's settings page and flush_rewrite_rules() is fired or you save settings in a plugin and this fires flush_rewrite_rules.

    http://codex.wordpress.org/Function_Reference/flush_rewrite_rules

    Important: Rewrite rules must be flushed on activation or deactivation to avoid unnecessary rewrite rule flushing.

    You can do a search for the flush_rewrite_rules function in the code of all your plugins and themes to find out where it is coming from.

    Another very common issue is the cPanel HotLink Protection Tool issue.
    http://wordpress.org/support/topic/plugin-bulletproof-security-broken-cpanel-hotlink-tool-404-errors-unable-to-edit-htaccess-files?replies=9

  7. Josh Carr
    Member
    Posted 1 year ago #

    Great. Thanks for the info.

  8. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Also I have seen some modified versions/code in plugins for rewrite rule flushing so first do a search for the WP flush_rewrite_rules() function and then do a broader/more general search for the word "rewrite". This will find any variables or other functions that are doing something with rewriting. And probably a general search for ".htaccess" would be a good thing to look for too.

  9. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    Resolving. We still receive email notifications when a new post has been made in a resolved Thread. Thanks.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic