Support » Plugin: WP Hide & Security Enhancer » WP hide and security Plugin causes HTTP connection issue

  • dragongate

    (@dragongate)


    Hello,

    I just downloaded your plugin “WP Hide & Security Enhancer” to my WP site, but after activating your plugin I noticed new critical issue alert in my WP site health says:
    ———————-
    1 critical issue
    There are problems with the HTTPS connection of your websiteSecurity
    Your WordPress Address is set up to use HTTPS, but your website appears to be unavailable when using an HTTPS connection.
    Talk to your web host about resolving this HTTPS issue for your website.
    Learn more about why you should use HTTPS(opens in a new tab)
    ———————-
    and when I deactivate your plugin the status of WP site Health back to “Good” and the issue disappear !!

    Must be something wrong with your plugin “WP Hide & Security Enhancer” that creating http:// connection instead of https:// which causes this issue to happen

    why is that happening with your plugin?!

    Pls. advise,
    Thank you

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Author Maya

    (@tdgu)

    Hi,
    This should work fine, the plugin does not interfere with the site protocol.
    I noticed some reports about the problem, this is more like a bug or mis-report, see https://core.trac.wordpress.org/ticket/52783
    So apparently stripping out specific tags, changing default admin URL, which the plugin can do through it’s options, could conclude to the notification. Still, I’m not able to replicate on this side, so might be a conjunction of active plugins, try to disable selectively and see if makes a change.

    Thanks

    Thread Starter dragongate

    (@dragongate)

    Hi tdgu,

    after updating your plugin “WP hide and security” to the latest version I start getting critical error message from your plugin as follows:
    ———-
    Unable to write/update required rewrite rules to your site .htaccess. Is this file writable? Until fixed, no changes are applied on the front side.
    Try to go at Settings > Permalinks and save once, the core will attempt to update the required rewrites. If the problem persists, check with your host support on the correct file write permission.
    ———-
    Also I get this notification in your plugin page:
    ———-
    Rewrite test failed! The wp_remote_get() returns a 403 error code:Forbidden
    A custom rewrite line has been inserted into your rewrite file for testing, the Test URL expected to return a JSON response (contains a name and description) The server instead replied a 403 error with the message Forbidden
    You need to get in touch with your server support for a fix, the rewrite engine is either disabled for your account or their internal set-up does not allow such rewrites.
    Critical issues were identified on your site, please fix them before proceeding with customizations.
    ———-

    my htaccess file is writable and your older version of the plugin was working properly so what happened now?!

    why is this issue

    Pls. help
    Thanks

    • This reply was modified 1 month, 3 weeks ago by dragongate.
    Thread Starter dragongate

    (@dragongate)

    More than 3 weeks passed and no response from developers for the issue reported!!

    I think the developers of this “WP hide and security” Plugin do not care about their plugin anymore.. I think better to remove it as it is useless..

    Plugin Author Maya

    (@tdgu)

    Hello,
    Sorry I missed your last response.
    Try to create a copy of your .htaccess file, then remove it. Go to WordPress dashboard at Settings > Permalinks and save once. If WordPress manages to create the file, the plugin should write just fine. Otherwise, there’s a permission issue on your server set-up and you should set-up a different filesystem access as described at https://wordpress.org/support/article/editing-wp-config-php/#wordpress-upgrade-constants

    Maybe your server environment has changed meanwhile, the last plugin version does try to add a test rewrite to identify any potential issues, if this is not possible it trigger the above errors.

    Thanks

    Thread Starter dragongate

    (@dragongate)

    Hello Maya (@tdgu),

    Thank you for your reply,

    After checking again your plugin “WP hide and security” , I have contacted my hosting provider, and now I know the reason that caused this issue with your plugin.

    the new update you’ve added to your plugin is actually implementing .php code execution in the WP-Content directory in WP, which is unusual and is not permitted for security reasons!!

    I don’t know why did you add this to your plugin and why your plugin actually needs to execute any .php codes in WP-Content directory.!!

    Please remove this addition from your plugin as it is not needed and issue new update for users to continue using your plugin otherwise I’m afraid many people will lose their trust in your plugin and remove it from their sites.

    hope you will fix this issue ASAP.

    Regards.
    Thanks

    • This reply was modified 1 month ago by dragongate.

    I am getting same issue as described here.
    Can’t use WP Hide plugin due to this permission issues (php code executing in protected directory).
    When you will fix it ?

    Plugin Author Maya

    (@tdgu)

    Hi,
    Actually, PHP execution inside wp-content is not so unusual and being used by many plugins/themes, mainly to create dynamic stylesheets. Even WordPress do that, with the core files at /wp-includes/load-scripts.php and /wp-includes/load-styles.php So the WP-Hide needs to ensure everything still works fine after default directories re-map, this is what the test rewrite is about.
    The plugin itself uses a PHP file to clean the theme style headers ( like theme name, author, version etc ).
    We’ll try to improve that and add an Ignore button, so the user can still proceed at his own risk.

    Thanks

Viewing 7 replies - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.