Title: askapache's Replies - page 6 | WordPress.org

---

# askapache

  [  ](https://wordpress.org/support/users/askapache/)

 *   [Profile](https://wordpress.org/support/users/askapache/)
 *   [Topics Started](https://wordpress.org/support/users/askapache/topics/)
 *   [Replies Created](https://wordpress.org/support/users/askapache/replies/)
 *   [Reviews Written](https://wordpress.org/support/users/askapache/reviews/)
 *   [Topics Replied To](https://wordpress.org/support/users/askapache/replied-to/)
 *   [Engagements](https://wordpress.org/support/users/askapache/engagements/)
 *   [Favorites](https://wordpress.org/support/users/askapache/favorites/)

 Search replies:

## Forum Replies Created

Viewing 15 replies - 76 through 90 (of 137 total)

[←](https://wordpress.org/support/users/askapache/replies/page/5/?output_format=md)
[1](https://wordpress.org/support/users/askapache/replies/?output_format=md) [2](https://wordpress.org/support/users/askapache/replies/page/2/?output_format=md)
[3](https://wordpress.org/support/users/askapache/replies/page/3/?output_format=md)…
[5](https://wordpress.org/support/users/askapache/replies/page/5/?output_format=md)
6 [7](https://wordpress.org/support/users/askapache/replies/page/7/?output_format=md)
[8](https://wordpress.org/support/users/askapache/replies/page/8/?output_format=md)
[9](https://wordpress.org/support/users/askapache/replies/page/9/?output_format=md)
[10](https://wordpress.org/support/users/askapache/replies/page/10/?output_format=md)
[→](https://wordpress.org/support/users/askapache/replies/page/7/?output_format=md)

 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Plugin: AskApache Password Protect] Failed test results- sending off to host](https://wordpress.org/support/topic/plugin-askapache-password-protect-failed-test-results-sending-off-to-host/)
 *  [askapache](https://wordpress.org/support/users/askapache/)
 * (@askapache)
 * [17 years, 6 months ago](https://wordpress.org/support/topic/plugin-askapache-password-protect-failed-test-results-sending-off-to-host/#post-892204)
 * Thanks beernews.. nice.
 * I’ve been working on a completely improved version on/off for about a month with
   the specific goal of finally ending all the little errors that can crop up when
   dealing with .htaccess.
 * To that effect I am succeeding marvelously, first I’ve converted the plugin to
   a class (4+5 compat), I’ve replaced my error_handling with WordPress’s WP_Error
   class, and the coolest change is the new tests I’ve added.
 * To make a long story short, I downloaded each major release of the apache httpd
   source code starting at version 1.3.0 and finishing with version 2.2.10, I then
   compiled each version and built a HTTPD from source for all 64 versions.
 * Then I went through each version and determined the compatible modules for that
   version, and I’m pretty confident that I was also able to find each and every
   directive allowed by the compatible modules for that version (including core 
   directives).
 * Basically I can now test a server using a variety of methods and determine almost
   100% accurately what version of Apache (down to the API) is running, what modules(
   and versions) are enabled, and each and every directive that is allowed or disallowed
   for that version.
 * So this is so awesome because now we can enable all sorts of additional security
   features.
 * Other big changes are:
    - Completely hands-off updates, so that updating the plugin keeps all your settings.
    - making each SID module have its own configuration and options (like protecting
      individual files, individual request, and custom exploit strings).
    - Advanced ErrorDocument usage and handling (like tracking repeat offenders 
      and suggesting they be blocked, emailing admin with custom info, etc..)
    - Multi User/Group password Control
 * And this time I am developing the plugin using a plethora of wordpress installations
   and configurations, to make sure that it will work regardless of a custom siteurl,
   blogid, etc..
 * Release will come before 2009.. I have some vacations to take and business to
   finish first.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [wp_head on certain admin pages only](https://wordpress.org/support/topic/wp_head-on-certain-admin-pages-only/)
 *  [askapache](https://wordpress.org/support/users/askapache/)
 * (@askapache)
 * [17 years, 6 months ago](https://wordpress.org/support/topic/wp_head-on-certain-admin-pages-only/#post-748819)
 *     ```
       <?php
   
       add_action( 'admin_menu', 'aa_pro_setup_options' );
   
       function aa_pro_setup_options(){
         $page=add_options_page( 'AskApache Pro', 'askapache-pro', 'AA Pro', 'askapache-pro', 8, basename(__FILE__), 'aa_pro_main' );
         add_action( 'admin_head-'. $page, 'aa_pro_admin_header' );
       }
   
       function aa_pro_admin_header(){
         echo '<p>Only ran when on the plugin page!</p>';
       }
   
       ?>
       ```
   
 * This works perfectly for the [askapache plugins](http://wordpress.org/extend/plugins/profile/askapache)..
   took me awhile to find how to do it though.. enjoy!
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [How do I limit admin_head content to certain pages?](https://wordpress.org/support/topic/how-do-i-limit-admin_head-content-to-certain-pages/)
 *  [askapache](https://wordpress.org/support/users/askapache/)
 * (@askapache)
 * [17 years, 6 months ago](https://wordpress.org/support/topic/how-do-i-limit-admin_head-content-to-certain-pages/#post-748818)
 *     ```
       <?php
   
       add_action( 'admin_menu', 'aa_pro_setup_options' );
   
       function aa_pro_setup_options(){
         $page=add_options_page( 'AskApache Pro', 'askapache-pro', 'AA Pro', 'askapache-pro', 8, basename(__FILE__), 'aa_pro_main' );
         add_action( 'admin_head-'. $page, 'aa_pro_admin_header' );
       }
   
       function aa_pro_admin_header(){
         echo '<p>Only ran when on the plugin page!</p>';
       }
   
       ?>
       ```
   
 * This works perfectly for the [askapache plugins](http://wordpress.org/extend/plugins/profile/askapache)..
   took me awhile to find how to do it though.. enjoy!
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Plugin: AskApache Password Protect] test fails](https://wordpress.org/support/topic/plugin-askapache-password-protect-test-fails/)
 *  [askapache](https://wordpress.org/support/users/askapache/)
 * (@askapache)
 * [17 years, 6 months ago](https://wordpress.org/support/topic/plugin-askapache-password-protect-test-fails/#post-855270)
 * working on it….
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Plugin: AskApache Password Protect] test fails](https://wordpress.org/support/topic/plugin-askapache-password-protect-test-fails/)
 *  [askapache](https://wordpress.org/support/users/askapache/)
 * (@askapache)
 * [17 years, 7 months ago](https://wordpress.org/support/topic/plugin-askapache-password-protect-test-fails/#post-855262)
 * I’ve released an updated version: [4.6.5](http://wordpress.org/extend/plugins/askapache-password-protect/)
   which will hopefully work 100% for ya!
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Plugin: AskApache Password Protect] Plugin can’t/won’t create/write to .htpasswd(a3) file …](https://wordpress.org/support/topic/plugin-askapache-password-protect-plugin-cantwont-createwrite-to-htpasswda3-file/)
 *  [askapache](https://wordpress.org/support/users/askapache/)
 * (@askapache)
 * [17 years, 7 months ago](https://wordpress.org/support/topic/plugin-askapache-password-protect-plugin-cantwont-createwrite-to-htpasswda3-file/#post-879482)
 * [@jayroh](https://wordpress.org/support/users/jayroh/)
 * I think I found the cause of this error and released an updated version: [4.6.5](http://wordpress.org/extend/plugins/askapache-password-protect/)
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Plugin: AskApache Password Protect] What’s new in 8/14 version?](https://wordpress.org/support/topic/plugin-askapache-password-protect-whats-new-in-814-version/)
 *  [askapache](https://wordpress.org/support/users/askapache/)
 * (@askapache)
 * [17 years, 7 months ago](https://wordpress.org/support/topic/plugin-askapache-password-protect-whats-new-in-814-version/page/2/#post-834847)
 * Maybe I’ll just become the worlds greatest spammer.. it’d take all of about an
   hour to accomplish that.. much easier than writing this plugin.
 * SPAMMER CHALLENGE: [*come at me with your best*](http://www.askapache.com/wp-comments-post.php)_(
   but if you hack my server and get me in hot-water with my host I’m coming after
   you… spam/exploits only, no DOS or heavy net-use.)_
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [Ask Apache Password Protect](https://wordpress.org/support/topic/ask-apache-password-protect/)
 *  [askapache](https://wordpress.org/support/users/askapache/)
 * (@askapache)
 * [17 years, 7 months ago](https://wordpress.org/support/topic/ask-apache-password-protect/#post-834846)
 * [@steinitz](https://wordpress.org/support/users/steinitz/)
 * Dude you rock! I was trying to figure out what could be causing this problem 
   for a small minority of users, and you nailed it, I’ve fixed it for 2.7
 * see [http://wordpress.org/support/topic/196732](http://wordpress.org/support/topic/196732)
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Plugin: AskApache Password Protect] What’s new in 8/14 version?](https://wordpress.org/support/topic/plugin-askapache-password-protect-whats-new-in-814-version/)
 *  [askapache](https://wordpress.org/support/users/askapache/)
 * (@askapache)
 * [17 years, 7 months ago](https://wordpress.org/support/topic/plugin-askapache-password-protect-whats-new-in-814-version/page/2/#post-834845)
 * Guess what! I’ve made alot more improvements (this refactoring will never end)
   to the plugin.. Many are based on improvements to the WordPress Core Files, which
   I am constantly examining and learning from..
 * If you’ve seen the version 4.6 debugging options, you probably won’t believe 
   the 4.7 debugging options. I spent the most time implementing even MORE debugging
   options so that in the future you can find problems much easier… even if you 
   don’t know a thing about syslog, php error logging, etc.. Of course all that 
   was done to try and figure out what was causing all of you posters problems..
   and I think I am getting close to a 100% mysterious error free plugin! Which 
   is the main goal and a huge step on the way to the ultimate goal of this plugin.
 * I am still working on the user/group management code, so that probably won’t 
   be in the upcoming 4.7 release. But one thing I will tell you is the new version
   will have the best .htaccess anti-spam code for WP (maybe anything) ever seen
   on the net. (without using mod_security).. It’s not incredibly complex or lengthy,
   the rules are just very specific and very tight. I’m good at finding security
   vulnerabilities, this is the same thing only backwards.
 * I’ve been logging the entire HTTP request for every comment/trackback/pingback
   made to my blog for about 6 months (it took forever to find out how to log the
   entire request like this… I’m saying even the entire POST body.. just like having
   wireshark installed on the server!)
 * Then I would manually go through them about once a week (using a lot of linux
   shell scripting) and detail the subtle differences between spam and a real comment,
   and try different things.
 * So my blog kills thousands of would-be-spam connections every day to my blog (
   i actively try to recruit new spammers to study their technique), literally shuts
   down the TCP connection and wastes 0 bandwidth or CPU that a programming language
   like PHP used by akismet would waste (basically loading the whole wordpress program
   for each spam receieved)..
 * So I’m hesitant to publish this info, but then again, these spammers are so stupid
   that I’m not sure they can even read. What do you think?
 * Look for the update to come out sometime this month..
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Plugin: AskApache Password Protect] What’s new in 8/14 version?](https://wordpress.org/support/topic/plugin-askapache-password-protect-whats-new-in-814-version/)
 *  [askapache](https://wordpress.org/support/users/askapache/)
 * (@askapache)
 * [17 years, 8 months ago](https://wordpress.org/support/topic/plugin-askapache-password-protect-whats-new-in-814-version/#post-834772)
 * Ok I major issue that is the only one I have been notified about for version 
   4.6 is now fixed. rschilt enlightened me to the error by posting that debug output
   that showed all the tests were going to /blog/blog/ when they should have gone
   to /blog/
 * The problem was I had forgotten to rtrim a single ‘/’ character from a path before
   doing a str_replace on it and so that means that everyone who has their blog 
   installed in a non-root-directory ‘/’ folder would not be able to get past the
   test screen.
 * Now it will work for you rschilt.
 * To notify me, use the contact page on my site, post on this message board, or
   add a comment to the plugins home-page.
 * The next major release will include a couple sweet ways to contact me about problems
   and suggestions… so until then….
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Plugin: AskApache Password Protect] Cannot get AAPP to work](https://wordpress.org/support/topic/plugin-askapache-password-protect-cannot-get-aapp-to-work/)
 *  [askapache](https://wordpress.org/support/users/askapache/)
 * (@askapache)
 * [17 years, 9 months ago](https://wordpress.org/support/topic/plugin-askapache-password-protect-cannot-get-aapp-to-work/#post-801346)
 * I always just start with the tightest security, and then slowly ease up until
   it works.
 * So I like to start out at 400, then the server usually won’t work so I go to 
   600, etc..
 * Mostly .htaccess files are chmod 644 and .htpasswd files can be 640, but every
   OS is different. And folder I like 750.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Plugin: AskApache Password Protect] Help! Broken AAPro plugin & Wp-admin](https://wordpress.org/support/topic/plugin-askapache-password-protect-help-broken-aapro-plugin-038-wp-admin/)
 *  [askapache](https://wordpress.org/support/users/askapache/)
 * (@askapache)
 * [17 years, 9 months ago](https://wordpress.org/support/topic/plugin-askapache-password-protect-help-broken-aapro-plugin-038-wp-admin/#post-821043)
 * > Someone said once to delete all AAPro lines from WP files but that seems a 
   > bit much.
 * **AHH! No!**
 * The plugin only modifies 2 (at most 3) files on your entire server.
 * 1. /.htaccess
    2. /wp-admin/.htaccess 3. Wherever you have your .htpasswd file,
   which can’t hurt anything
 * I’m hoping to have solved a lot of these programming (mine) mistakes with this
   new release (4.6) but like I’ve said before I’m not really experienced with php.
 * If you ever have trouble with this plugin, just remove any lines it created from
   the above files, clear your browser cache…… thats it. Remember that this is not
   part of wordpress, it uses alternate HTTP Authentication schemes and built-in
   apache server security.
 * [http://www.w3.org/Protocols/HTTP/1.1/rfc2616bis/draft-lafon-rfc2616bis-03.html](http://www.w3.org/Protocols/HTTP/1.1/rfc2616bis/draft-lafon-rfc2616bis-03.html)
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [[Plugin: AskApache Password Protect] Uninstall and removal](https://wordpress.org/support/topic/plugin-askapache-password-protect-uninstall-and-removal/)
 *  [askapache](https://wordpress.org/support/users/askapache/)
 * (@askapache)
 * [17 years, 9 months ago](https://wordpress.org/support/topic/plugin-askapache-password-protect-uninstall-and-removal/#post-822222)
 * just remove the text inbetween # BEGIN AskApache and # END Askapache in the 2
   files it modifies.. .htaccess and possibly /wp-admin/.htaccess
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Plugin: AskApache Password Protect] What’s new in 8/14 version?](https://wordpress.org/support/topic/plugin-askapache-password-protect-whats-new-in-814-version/)
 *  [askapache](https://wordpress.org/support/users/askapache/)
 * (@askapache)
 * [17 years, 9 months ago](https://wordpress.org/support/topic/plugin-askapache-password-protect-whats-new-in-814-version/#post-834747)
 * 4.6 just released….
 * I added file revisioning support to .htaccess files, so that every time you update
   or change the .htaccess files it saves the old copy. The next release will provide
   a DIFF view of the differences.
 * Also fixed all the bugs I was notified about or found, and provided the option
   to bypass some of the testing if you know your server supports something.
 * I have to get back to my real job now 🙂 but for the next release I’m going to
   add a whole user-management area to add and remove users and groups from .htpasswd
   files.
 * Then it will be ready to start using the advanced SID’s like mod_security..
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Plugin: AskApache Password Protect] Ask Apache pasword issues](https://wordpress.org/support/topic/plugin-askapache-password-protect-ask-apache-pasword-issues/)
 *  [askapache](https://wordpress.org/support/users/askapache/)
 * (@askapache)
 * [17 years, 10 months ago](https://wordpress.org/support/topic/plugin-askapache-password-protect-ask-apache-pasword-issues/#post-809187)
 * BTW, I should probably mention that most of the modules installed in the plugin
   currently were mostly just cut-and-pasted from my personal .htaccess files. I’ve
   been recording and researching various spam using honeypots for the last couple
   of weeks specifically to find anti-spam and also anti-automated web exploit requests.
 * And I’ve added support for HTTP Digest password authentication like that used
   by the OpenID systems. Theres a lot planned and a lot to do cuz this really does
   help the net.

Viewing 15 replies - 76 through 90 (of 137 total)

[←](https://wordpress.org/support/users/askapache/replies/page/5/?output_format=md)
[1](https://wordpress.org/support/users/askapache/replies/?output_format=md) [2](https://wordpress.org/support/users/askapache/replies/page/2/?output_format=md)
[3](https://wordpress.org/support/users/askapache/replies/page/3/?output_format=md)…
[5](https://wordpress.org/support/users/askapache/replies/page/5/?output_format=md)
6 [7](https://wordpress.org/support/users/askapache/replies/page/7/?output_format=md)
[8](https://wordpress.org/support/users/askapache/replies/page/8/?output_format=md)
[9](https://wordpress.org/support/users/askapache/replies/page/9/?output_format=md)
[10](https://wordpress.org/support/users/askapache/replies/page/10/?output_format=md)
[→](https://wordpress.org/support/users/askapache/replies/page/7/?output_format=md)