Plugin Author
Paul
(@paultgoodchild)
Is there definitely a .htaccess file at the root of the website and does it have the rewrite rules in it?
Do you have any other plugin or security plugin running, or anything that affects the login, on this site?
Thanks
Thread Starter
snowme
(@snowme)
I created a brand new site from the latest wordpress download and the only plugin I installed was Simple Firewall.
After changing the Permalinks setting to Post Name, it created a .htaccess file in the root directory that’s writable by the apache user.
Here is the content:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Plugin Author
Paul
(@paultgoodchild)
What was your new login url set to, and does the old wp-login.php work?
Can you use the “forceoff” system to turn off the firewall and confirm that you’re using the correct URL?
Thread Starter
snowme
(@snowme)
I have the URL set to logintest. When I have it set, I can’t reach the admin page via wp-login.php or logintest. I get “Not Found” 404 pages for both.
Using forceoff works and allows me back in. I confirmed I have the correct URL. As soon as I delete the rename setting and re-enable Simple Firewall, I can login with wp-admin again.
Plugin Author
Paul
(@paultgoodchild)
What other plugins are you running?
Thread Starter
snowme
(@snowme)
As stated above, this is a fresh install of wordpress. I just unzipped the latest download and created a new database on a brand new server. Simple Firewall is the only plugin that is active.
Akismet and Hello Dolly which come with wordpress are installed but they are not active.
Plugin Author
Paul
(@paultgoodchild)
can you try another login url that doesn’t include the text “login”… something random
Thread Starter
snowme
(@snowme)
I tried changing the rename setting to “nowords” and still got the 404 with that and wp-admin.
When I go to the test site main page and hover over the “Log in” link it does correctly point to http://myurl.com/nowords but I still get the 404 when I click on it.
I should note that the only thing I enabled in Simple Firewall was Login Protection and the only setting I changed was the Rename “wp-login.php” setting to eliminate any possible conflicts.
Plugin Author
Paul
(@paultgoodchild)
Is the 404 error you see a 404 erro page from the theme, or an “apache-looking” 404 ?
Thread Starter
snowme
(@snowme)
Its the Ubuntu Apache 404
Plugin Author
Paul
(@paultgoodchild)
My feeling here is that the apache/php configuration isn’t quite right and we’re not getting the correct $_SERVER variables populated.
This relies on the ability to query $_SERVER[‘REQUEST_URI’] and use PHP parse() to break it up. If this isn’t populated correctly this may explain why it’s not able to recognize that you’re browsing to your new login URL.
That’s the only thing I can think of as to why the plugin can’t recognize you’re requesting the login page.
do you have any coding experience to debug that?
Thread Starter
snowme
(@snowme)
I’m not a super experienced programmer or anything, but I think I can dig further into this now that you’ve pointed me in the right direction. Let me see what I can find out and I’ll check in with you if I get any leads.
Plugin Author
Paul
(@paultgoodchild)
The particular thing you need to investigate is this:
under the directory: src/common/ there is a file: icwp-wpfunctions.php
Line: 600.
In your case, this is returning false stating that it’s not the valid login URL. I would insert debug code there to print out (before the return statement on line 600 :
var_dump( $aLoginUrlParts );
var_dump( $aRequestParts );
And you want to compare the “path” entries and see if they’re different and if so, how are they different.
Hope that helps.
