Support » Plugin: iThemes Security (formerly Better WP Security) » [Plugin: Better WP Security] Internal Server Error after messing with .htaccess Protection

  • Resolved elimc


    My site was working great.
    I installed Better WP Security and it still worked.
    Then I decided to check all the options in the .htaccess Protection options area. I clicked save, and upon trying to go anywhere in the site I was left with the following:

    Internal Server Error

    The server encountered an internal error or misconfiguration and was unable to complete your request.

    Please contact the server administrator, and inform them of the time the error occurred, and anything you might have done that may have caused the error.

    More information about this error may be available in the server error log.

    Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.

    Even when I just visit my site (not logged in), the message pops up. I will attempt to remove my plugin folder and see what happens. What is strange is that I had nothing like this happen on my localhost, just on the server. I will post my results.

    My host is WPWebHost.

Viewing 15 replies - 1 through 15 (of 26 total)
  • I deleted the Better WP Security plugin and received the same Internal Server Error. So then I checked the server error logs:

    [30-Dec-2011 22:53:57] PHP Warning: uksort() expects parameter 1 to be array, boolean given in /home/elimcmak/public_html/wp-admin/includes/class-wp-themes-list-table.php on line 48
    [30-Dec-2011 22:53:57] PHP Warning: array_slice() expects parameter 1 to be array, boolean given in /home/elimcmak/public_html/wp-admin/includes/class-wp-themes-list-table.php on line 55
    [30-Dec-2011 22:55:59] WordPress database error Table ‘elimcmak_eli.em_BWPS_lockouts’ doesn’t exist for query SELECT computer_id FROM em_BWPS_lockouts WHERE lockout_date + 3600 > 1325285759 AND computer_id = ‘’ AND mode = 2 made by activate_plugin, include_once, BWPS->__construct, BWPS->ll_checkLock

    My programming knowledge is a little limited at this point. Some help would be appreciated.

    I tried to fix the problem on my own. I thought that if I delete the 3 tables that are related to the Better WP Security plugin, that might magically solve the problem. There was no improvement.

    So, I completely deleted my DB and everything in public_html and WWW. I still received the 500 Internal Server Error. This made me realize something else was going on. I did some net research and realized that the probably cause was the .htaccess file. This file had a permission of 644 on my site so it could not be seen by my browser. I downloaded it using FileZilla and edited it directly on my machine.

    I renamed the .htaccess file just to see if this would change things on the site and the site worked! In order to get the site back to normal, I had to delete everything in the .htaccess file that was inserted in there by Better WP Security. Then I uploaded the .htaccess file.

    I still do not know what caused the issue in the .htaccess file, but I am investigating.

    I’m also having an issue where Better WP Security somehow altered my .htaccess file rendering my site to redirect to my site’s home page when opening the login page.

    I ftp’d into my site, renamed the plugin directory and could finally get to the login page.

    After logging in I started go get a 500 error.

    Removing .htaccess made the site working again.

    Any others having had issues like this?

    EDIT: Found a thread that seem to address this (NOTE: I do not run a multi site):

    I have similar error. I only found changes in .htaccess IfModule mod_rewrite.c section. Can someone test it?

    Maybe some crash because I use WP super cache?

    Configure your FTP Client to “Show Hidden Files”, probably in the “View” menu options. Hope it helps.

    I have again this error. It´s connected with update of WP better security. Right now I do not know what in htaccess is broken, but look like there is no eror in code, but like it is wrong something with the file.

    Any other guys have problem Internal Server Error?


    What you could do is to check your wp-config.php file.

    I’ve experienced that BWPS altered the file by adding a blank space at the end of the file. Check that, fix it if it’s there and try again.

    only one think can repair this internal error

    1. delete folder in plugin
    2. upload old .htaccess from backup

    There is nothing wrong with wp-config.php

    i had the same problem today when i couldn’t access my own site and got a 500 error message.

    when i looked into the .htaccess file I found this:

    # BEGIN Better WP Security
    Order allow,deny
    Allow from all
    Deny from
    Deny from
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} POST
    RewriteCond %{REQUEST_URI} ^(.*)wp-comments-post\.php*
    RewriteCond %{HTTP_REFERER} !^(.*)* [OR]
    RewriteCond %{HTTP_USER_AGENT} ^$
    RewriteRule ^(.*)$ - [F,L]
    # END Better WP Security

    after i removed this everything started working again. no need to reinstall or anything, but can’t quite say what’s wrong with it.
    it obviously looks like it has been inserted by better wp security.

    any info?


    I got the same thing too. It’s the blank “Deny from” that is the issue. The plugin is not checking the $_SERVER[‘REMOTE_ADDR’] value to make sure it was valid before adding it to the .htaccess file.

    I have attacks on my site coming in with no IP. So if one of those gets blocked, it does no IP deny from, which blocks everyone.


    This error should be fixed in 3.2.6. Please let me know if you experience any more issues.

    Same issue here, my site was fine for weeks, then over the weekend I found out is was down for over 12 hours. So I deleted the RewriteCond lines generated by Better WP Security from the .htaccess file, site came back up. I’m not sure why it decided to just stop working, but it was unsettling!

    Which line was it that caused the problem for you malawimama?

    Oy, I forgot to update this thread!! I really don’t think it was your plugin, because a day later, I ended up with issues again. Eventually, I deleted all security plugins that were installed and haven’t had any issues since. Perhaps it was a conflict? After I deleted BWPS, the next day the .htaccess file started overwriting itself, every time I uploaded a new one, it would overwrite again, with code similar to this (it changed now and then):

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    # END WordPress
    x.php [L]
    # END WordPress
    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    # END WordPress

    It kept trying to write the rewrite rules again, even though I already had them in there.

    The plugins I deleted included iQ Block Country, Secure WordPress, Spammer Blocker, Broken Link Checker, and Email Address Encoder.

Viewing 15 replies - 1 through 15 (of 26 total)
  • The topic ‘[Plugin: Better WP Security] Internal Server Error after messing with .htaccess Protection’ is closed to new replies.