• Resolved leejosepho

    (@leejosepho)


    Everything was fine until this morning (after having completed all my BPS .htaccess edits yesterday), and now I am suddenly getting the “Oops. << Maybe try your browser’s back button…” error whenever I try to log in at either of my WordPress sites. Temporarily renaming /wp-admin/.htaccess to disable it did not make any difference, but I am not certain I had my browser cache fully cleared. In any case, what do I need to fix or change in order to be able to access wp-login.php?

Viewing 15 replies - 1 through 15 (of 16 total)
  • Plugin Author AITpro

    (@aitpro)

    I believe this problem has something to do with Cache or Cookies. Try renaming your WP /plugins/ folder so you can login, then rename your /plugins/ folder back and then do standard WP plugin troubleshooting steps. ie deactivate plugins one by one and test logging in and out of your site to figure out if/which plugin is causing this problem.

    Thread Starter leejosepho

    (@leejosepho)

    I emptied ‘active_plugins’ in my database table as well as temporarily renaming the ‘/plugins/’ folder and even getting new ‘salts’ for wp-config.php, and I still cannot access wp-login.php even though I am definitely receiving a cookie. So, something somewhere (within BPS .hatccess code, I assume) is blocking me from wp-config.php.

    As an aside that might help a bit here: I have a phpBB forum installed in a sub-folder of my ‘nonameyet.org’ domain — not at the domain we are testing here — and I have single-sign-on (SSO) working perfectly there. Hence, I can log in at the ‘nonameyet.org’ forum and then go directly to my WordPress Dashboard at ‘nonameyet.org’ — altogether bypassing login — while using my usual login link. And so, I am certain this is not a cookie or plugin problem.

    Plugin Author AITpro

    (@aitpro)

    If you want to completely eliminate that BPS is causing the problem then do these 3 things: rename the /bulletproof-security/ plugin folder and delete the BPS Root and wp-admin htaccess files. Maybe the problem has something to do with your Browser itself? Try using a different Browser and see what happens. Also it could have something to do with a Browser Add-on or Extension.

    Thread Starter leejosepho

    (@leejosepho)

    Try using a different Browser and see what happens. Also it could have something to do with a Browser Add-on or Extension…

    Ah yes, I found the problem and the fault was entirely my own at the last two lines here:

    
    # Protect the Login page from SpamBots, HackerBots & Proxies
    # that use Server Protocol HTTP/1.0 or a blank User Agent
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_URI} ^(/wp-login\.php|.*wp-login\.php.*)$
    RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
    RewriteCond %{THE_REQUEST} HTTP/1\.0$ [OR]
    RewriteCond %{SERVER_PROTOCOL} HTTP/1\.0$
    RewriteRule ^(.*)$ - [F,L]
    # Block automated comment spambots using Server Protocol HTTP/1.0
    # All legitimate humans and bots should be using Server Protocol HTTP/1.1
    #RewriteCond %{REQUEST_URI} ^(/wp-login\.php|/wp-comments-post\.php)$
    #RewriteRule ^(.*)$ - [F,L]
    

    Should I just delete those two lines and forget them or make some kind of edit and use them?

    • This reply was modified 7 years, 8 months ago by leejosepho.
    Plugin Author AITpro

    (@aitpro)

    Great job! Yeah probably just delete that code altogether. It is basically just nuisance protection against bots that use Server Protocol HTTP/1.0, but that code is known to be problematic on some servers. 😉

    Thread Starter leejosepho

    (@leejosepho)

    Great job!

    Please forgive my sentiment here if this might embarrass you in any way, but that means a lot to me coming from you! You and BPS held my hand more than once for a while when I first got started just a few years ago, but now this time I only had to search my .htaccess files for ‘wp-login’ — new folks: Take note! — and the problem was found.

    If you might have an easy day going there, maybe take a look at this other problem of mine posted in the Wordfence Security forum and see what suggestion/s you might have…

    Many thanks for anything and everything!

    Plugin Author AITpro

    (@aitpro)

    Thanks for the awesome Kudos!!! I took a look at the link you posted above, but it looks like a Wordfence specific issue. So the only logical guess I can think of is maybe those domains/sites/IP’s are from Referrer Spammers?

    Thread Starter leejosepho

    (@leejosepho)

    Trying to go to that domain will land you at my site, so someone somewhere has a domain redirect-to-mine in place. Wordfence is handling things properly as a 404 whenever anything follows ‘~~~~.com/’, but my thought is to try to catch ‘goofydomain.com’ at the BPS (.htaccess) gate in front of my site and send it somewhere else. I use redirects like that to send two of my own domains with no sites to Google, but I do not know whether .htaccess can see the fact of a ‘goofydomain.com’ redirect being the incoming request.

    Plugin Author AITpro

    (@aitpro)

    Wow I just tested the domain URL and yep it redirects to your site. That is really wierd if you do not know who owns that other site. The redirect would have to be done on that other site. So I guess you would need to contact the owner of that other site to figure out why they are redirecting to your site. Try doing a Whois lookup to see if you can get the email address for the site owner.

    • This reply was modified 7 years, 8 months ago by AITpro.
    Thread Starter leejosepho

    (@leejosepho)

    Yes, I have done all of that and sent e-mails, and later today or maybe tomorrow I will try to “bounce it away” or whatever!

    Thread Starter leejosepho

    (@leejosepho)

    Whenever you might have a moment or two for my favorite song-and-a-slideshow, try that nefariously-redirected domain once again…

    🙂

    • This reply was modified 7 years, 8 months ago by leejosepho.
    Thread Starter leejosepho

    (@leejosepho)

    I have changed my “bounce” code related to the nefarious redirect and I have added some additional redirects:

    
    ### Begin baltimorecityapps.com Redirects
    RewriteEngine on
    ## Wildcard Redirect baltimorecityapps.com -and- www.baltimorecityapps.com away from nonameyet.org
    RewriteCond %{HTTP_HOST} ^baltimorecityapps\.com$ [OR]
    RewriteCond %{HTTP_HOST} ^www\.baltimorecityapps\.com$
    RewriteRule ^(.*)$ "https\:\/\/\wordpress\.org\/support\/topic\/what-can-i-do-about-a-nefarious-incoming-redirect\/" [R=301,L,NE]
    #
    ## as from Wordfence 404 reports
    #http://baltimorecityapps.com/wp-login.ph
    RedirectMatch 301 ^/wp-login.ph$ https://wordpress.org/support/topic/what-can-i-do-about-a-nefarious-incoming-redirect/
    #http://baltimorecityapps.com/wp-content/plugins/woocommerce-products-filter/readme.txt
    RedirectMatch 301 ^/wp-content/plugins/woocommerce-products-filter/readme.txt$ https://wordpress.org/support/topic/what-can-i-do-about-a-nefarious-incoming-redirect/
    

    Do you see anything wrong or objectionable about my doing that, and would it be possible for those first two lines to also redirect the links being handled separately below that? I do not know what someone might try next, and I do not want this list of redirects to become monstrously long.

    Plugin Author AITpro

    (@aitpro)

    I think you would have to redirect by the HTTP_REFERER domain. Basically treat the baltimorecityapps.com domain as if it is a Referrer spammer domain. See this forum topic: https://forum.ait-pro.com/forums/topic/block-referer-spammers-semalt-kambasoft-ranksonic-buttons-for-website/. Not really sure what to tell you about the other Wordfence redirects. Overall this is basically just a nuisance problem. So you could just ignore it. 😉

    • This reply was modified 7 years, 8 months ago by AITpro.
    Plugin Author AITpro

    (@aitpro)

    Actually what might happen if you redirect by Referrer domain then maybe that would also stop the Wordfence errors/log entries or whatever they are from occurring.

    • This reply was modified 7 years, 8 months ago by AITpro.
    Thread Starter leejosepho

    (@leejosepho)

    Many thanks, and I will try to take a look at that with a fresh brain in the morning. I am not aware of any actual damage at the moment, but this does concern me and I have sent Google an e-mail about that.

Viewing 15 replies - 1 through 15 (of 16 total)
  • The topic ‘Oops. << Maybe try your browser's back button…’ is closed to new replies.