I just recently upgraded to the latest WordPress and BPS (was running .46.2)
I've regenerated the secure.htaccess file from scratch then applied it and that's all fine. The 'Security Status' shows everything is green.
Once that's done I get the reminder that I've got W3TC enabled but no associated htaccess entries, which again is fine.
I copy + paste the W3TC rules at the top of my .htaccess file and W3TC starts working as expected; however, once I've done this the BPS Security Status page becomes less happy.
I get the warning: "A BPS .htaccess file was NOT found in your root folder or you have not activated BulletProof Mode for your Root folder yet, Default Mode is activated or the version of the BPS htaccess file that you are using is not .46.3. Please read the Read Me hover Tooltip above."
Additionally the following entries come up in red:
- wp-config.php is NOT .htaccess protected by BPS
- The WP readme.html file is not .htaccess protected
- The WP /wp-admin/install.php file is not .htaccess protected
Everything else is green. If I remove the W3TC htaccess entries everything goes back to green, but if I put them back in it goes to red.
I run WordPress in a separate directory but I've updated default.htaccess, secure.htaccess and maintenance.htaccess as per the documentation.
Just to double check, I'm supposed to be putting the W3TC lines of htaccess above the BPS entries, yeah?
Any suggestions to where my problem may lie?