iThemes Security (formerly Better WP Security)
[Plugin: Better WP Security] Broken for Multisite (6 posts)

  1. jlnd
    Posted 4 years ago #

    I believe this plugin may be broken for multisite installations.

    I was having an issue that some of the features of this plugin will work (changing the admin username, changing the wp_ table prefix) but other features would not work. Specifically, it seemed that when I clicked a checkbox and clicked the save button, the setting would not save. The page would reload with the checkbox unchecked.

    As a result, any changes that I requested did not get saved to the .htaccess file.

    After doing some digging, I was able to get things to work by commenting out a few lines of code in bwps.php in the saveOptions function as follows...

    function saveOptions($opt, $val) {
    global $wpdb;
    $opts = $this->getOptions();

    $opts[$opt] = $val;

    // Since BWPS settings are network-wide, settings can be saved to the main (network) site
    // if (is_multisite()) {
    // $blogs = get_blog_list( 0, 'all' ); //need to find a non-deprecated alternative

    // if( is_array( $blogs ) ) {
    // foreach( $blogs as $details ) {
    // delete_blog_option($details['blog_id'],"BWPS_options");
    // update_blog_option($details['blog_id'],"BWPS_options", serialize($opts));
    // delete_blog_option($details['blog_id'],'BWPS_update');
    // }
    // }
    //} else {
    update_option("BWPS_options", serialize($opts));
    return $this->getOptions();;

    I haven't done a lot of testing. There may be other changes necessary. But this solved my immediate problem. Now settings get saved that the .htaccess file gets written.


  2. Curtis
    Posted 4 years ago #

    Not a multi-site, but same issue here upon updating with 2.15. on WP 3.31 core. Reverted to saved file to bring site back up.

  3. Curtis
    Posted 4 years ago #

    corrected in 2.17

  4. pufleech
    Posted 4 years ago #

    No, it's not fixed yet ! I still have the exact same problem after update to 2.17, even with a new site WordPress 3.3.1 and Better WP Security 2.17 (I create a brand new website to test) . Now I can't login, how could I degrade the plugin to the previous version ?

  5. jlnd
    Posted 4 years ago #

    Yep. I upgraded to 2.17 and am having the same issue again. I have WordPress 3.3.1. It's a multi-site installation. I activated the plugin for the network. I went to Network Admin / Security / System Tweaks page (/wp-admin/network/admin.php?page=BWPS-tweaks) and checked a couple of checkboxes. When I clicked save, my choices were erased.

    In fact, after making a few more changes I clicked save and my whole site became inaccessible. After reading the apache error logs and tracing the problem back to the source I found that the following lines were missing from wp-config.php...

    /** Absolute path to the WordPress directory. */
    if ( !defined('ABSPATH') )
    define('ABSPATH', dirname(__FILE__) . '/');

    /** Sets up WordPress vars and included files. */
    require_once(ABSPATH . 'wp-settings.php');

    Restored those lines and got my site back.

  6. mr_swede
    Posted 4 years ago #

    I removed my .htaccess file and could access the site again, as described in this thread.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic