isaacl
Forum Replies Created
-
Forum: Plugins
In reply to: [BulletProof Security] Issue with the Better Analytics pluginI am using vhosts (assuming you’re referring to individual cPanel accounts), but I don’t see any extra config info there.
I’m assuming this is what applies to the regular directories:
<Directory “/”>
AllowOverride All
Options ExecCGI FollowSymLinks IncludesNOEXEC Indexes SymLinksIfOwnerMatch
</Directory>Forum: Plugins
In reply to: [BulletProof Security] Issue with the Better Analytics pluginMy httpd.conf file only has one Require all denied:
<Files “.ht*”>
Require all denied
</Files>So don’t see anything that would help there.
Forum: Plugins
In reply to: [BulletProof Security] Issue with the Better Analytics pluginEasyApache had an option that says “Reset Apache Config to default – any customizations will be lost (this session only)”, which I used, since I’m pretty sure that I never made any changes to the server config.
Forum: Plugins
In reply to: [BulletProof Security] Issue with the Better Analytics pluginRebuilding my Apache config (using EasyApache) to rule that out.
I also was using nginxcp, which shouldn’t affect this, but I removed that first as well.
@digitalpoint – if this is the only plugin loading PHP files directly, is there any way to work around that?
I did lock my server and site down as much as possible (in big part thanks to the BPS Security plugin), but the once I disabled that, things should have loaded…Forum: Plugins
In reply to: [BulletProof Security] Issue with the Better Analytics pluginGoing to do some digging.
Since I haven’t had issues with any other plugins, I’m wondering what’s different about the way that this is being loaded – I would guess that there might be something set up to block direct loading of php files in the wp-content folder from external sources, but no other plugins seem to be affected, so I’m not really sure what’s happening…Forum: Plugins
In reply to: [BulletProof Security] Issue with the Better Analytics pluginWeird that this is only with one plugin if that’s the problem.
And the cPanel documentation seemed to say that it should be backwared compatible, but I’ll see what I can find…
Thanks!Forum: Plugins
In reply to: [BulletProof Security] Issue with the Better Analytics pluginI host my own site, so I guess I have to dig deeper…
In the Apache error log, I see this:
AH01797: client denied by server configuration: /home/user/public_html/wp-content/plugins/better-analytics/js/loader.php
And I forgot to mention, I recently upgraded my server to Apache 2.4 and PHP 5.5, but I doubt that’s the issue…
Forum: Plugins
In reply to: [BulletProof Security] Issue with the Better Analytics pluginI tried Default Mode, and I’m still getting that error, so there must be something else blocking it, but since I don’t get any error message in the log, I have no clue what the issue is.
I’m going to have to do some more digging to see what else could be the issue…Forum: Plugins
In reply to: [BulletProof Security] Issue with the Better Analytics pluginGood call.
After disabling the security logging, I’m still getting a 403 error.
Any way of figuring out what else could be causing that?
Thanks a lot!Forum: Plugins
In reply to: [Hashcash] Get an error on login when the Authy plugin is installledSeems like that file is still being installed with the version on the WordPress site/repository, since I deleted it, rolled the version number back, and then updated, and the file was again installed.
Either way, thanks for fixing this so quickly!Forum: Plugins
In reply to: [Hashcash] Get an error on login when the Authy plugin is installledJust tested, and the new version seems to work correctly – thanks a lot!
One question – I see I had a wp-local.css file in the main plugin folder, and there was no new file – is that no longer necessary?
Thanks!Forum: Plugins
In reply to: [Hashcash] Get an error on login when the Authy plugin is installledSure, will check shortly and report back.
And after I removed it, I saw that I had gotten a response here: http://www.nginxcp.com/forums/Thread-nginx-passing-http-1-0-protocol
I added proxy_http_version 1.1 to the proxy.inc file, and that worked perfectly – I tested the whole thing with a php file containing this:<?php echo $_SERVER[ "SERVER_PROTOCOL" ]; ?>It first showed me HTTP/1.0, and then once I added that line to that config file, and restarted Nginx, it showed HTTP/1.1, and the login file now worked.
Thanks again for all your help!
At this point, I decided to remove NginxCP, so we’ll see if that helps, with the original rules – I think that’s what was causing the issue, and it didn’t seem to give me that much improvement…
Thanks for the help!Sorry, haven’t gotten much further, still have to try to get Nginx to pass the HTTP/1.1 protocol, but I’d really like to try to get it to work using the hostnames and mod_authz_host.
Do you have instructions for how to do that?
Thanks!