.htaccess and subdirectory

  • Resolved josevelas

    (@josevelas)


    11 years, 3 months ago

    Hi, this is a great plugin. I just installed it because I saw the reviews and the almost perfect score.

    BUT, I have a big question here:

    My website is installed ina SUBDIRECTORY, meaning that, although you access it from https://mysite.com, all the information is not saved in the root folder, but in https://mysite.com/subdirectory/.

    I have just noticed that every change that I have been making to the security of my website using your plugin has been reflected in the .htaccess at

    https://mysite.com/subdirectory/.htaccess

    But the main .htaccess that wordpress and its plugin use to control the access is located at https://mysite.com/.htaccess.

    I’m not sure, but I think that the security features that I just activated are not really being applied to the website.

    Am I right?

    Thank you!

    https://www.ads-software.com/plugins/all-in-one-wp-security-and-firewall/

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Contributor wpsolutions

    (@wpsolutions)

    I’m not sure, but I think that the security features that I just activated are not really being applied to the website.

    What leads you to believe that?
    Have you tried a few tests and have they failed?

    Thread Starter josevelas

    (@josevelas)

    Hi, thanks.

    Well, it’s just a question.

    I don’t know, but, for example, when I go into the Firewall settings -> Basic Firewall Rules -> Basic Firewall settings, it applies a protection against the access of the .htaccess, right? but this protection is applied to https://mysite.com/subdirectory/.htaccess and not to https://mysite.com/.htaccess, is this true?

    I guess the same could happen with the denial of blacklisted IPs? they would be allowed initially into the site (although not into the subdirectory)?

    Of course other types of protection are actually applied to the site (like the change of prefixes in DB).

    I haven’t tried breaking into my site.

    It’s just a guess. A question. I’m not affirming, just asking out of ignorance.

    Thank you

    Plugin Contributor wpsolutions

    (@wpsolutions)

    @josevelas,
    In terms of protection, especially guarding against unauthorised access to your wordpress backend and files, you should be protected (depending on which features you have activated).
    But since you have brought it up, we will take a closer look and review the situation for scenarios where:
    1) People have installed wordpress in a subdirectory and their Site Address (URL) is somedomain.com

    2) People have installed wordpress in a subdirectory and their Site Address (URL) is somedomain.com/wpdir
    (where wpdir is the subdirectory of the WP installation)

    Thread Starter josevelas

    (@josevelas)

    WPSolutions,

    OK. That’s great.

    And again, your plugin is fantastic and your support couldn’t be faster.

    Keep it up.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘.htaccess and subdirectory’ is closed to new replies.