• Resolved johdburr

    (@johdburr)


    I got the following pretty strange situation:
    as soon as I activate the default or the secure root htaccess in BPS I get a 403 forbidden error.

    Now, I download this recently created htaccess file with ftp, check it and it looks exactly as it should.

    If I upload this htaccess file back to the root folder with ftp (after deleting the one at root level which is actually or should at least be exactly the same than the one I am uploading…) the 403 error disappears and I am back into my backend.

    I tried this several times and always with the same result, whether I create a default or a secure htaccess file inside of BPS.

    I even tried another workaround: copying the code from the htaccess file editor from BPS and pasting it into a file on my computer. When I upload this file to root level, everything works fine. If I create the same file inside of BPS by clicking the radio button, then I get the 403 forbidden error.

    Why that? What’s wrong?
    It relates to a multisite installation WP 4.1.1

    Thanks for any suggestion!

    https://www.ads-software.com/plugins/bulletproof-security/

Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Author AITpro

    (@aitpro)

    Maybe your host does not allow you to lock your root htaccess file with 404 file permissions on your server. Do these steps:
    1. Go to the htaccess File Editor tab page.
    2. Click the Turn Off AutoLock button.
    3. Go to the Security Modes page, click the Create secure.htaccess File AutoMagic button and activate Root folder BulletProof Mode.

    Thread Starter johdburr

    (@johdburr)

    Yes, this seems to solve the problem. Thanks a lot.

    Nevertheless, all my other WP multisite installations are running on the same hosted server with BPS AutLock turned ON without any problem. And I have with this very particular WP site where the 403 error occurred some other issues, e.g. updating Jetpack deinstalls the old version, installs the new one but doesn’t reactivate the plugin again as it should.

    I guess this has something to do with a custom WP Rewrite Loop End code I need to use on this particular installation. Otherwise I get an internal 505 error when I try to access the backend of any subsite.

    This custom code differs from the one that WP offers during multisite installation in the network settings. It’s:

    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^ - [L]
    RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
    RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
    RewriteRule . index.php [L]

    instead of:

    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^ - [L]
    RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) mySite.de/wordpress/$2 [L]
    RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ mySite.de/wordpress/$2 [L]
    RewriteRule . index.php [L]

    And it’s NOT a WP installation in its one directory. It’s on root level (the domain points directly to the /wordpress/ bin).

    Maybe I have to dig a bit deeper into that…

    Plugin Author AITpro

    (@aitpro)

    BPS is borrowing/using the exact WordPress code to create htaccess code/files for Network/Multisite htaccess files/code. So the same exact htaccess code will be created by BPS that WordPress creates for Network/Multisite sites. WordPress used to have a disclaimer posted somewhere that stated that different or customized Network/Multisite htaccess code might be required for unusual Network/Multisite setups or unusual site structure/architecture.

    We have a test site that has a very unusual/non-standard Network/Multisite structure/architecture that does require customized .htaccess code. That test site is a sudirectory installation of Network/Multisite installed in a subdomain and is physically installed as a subdirectory site for another root domain site. We created this test site to intentionally try to break WordPress htaccess code and it does break that code and does require custom root .htaccess code in order for the site to work correctly.

    So since the standard WordPress Rewrite code is not working for this site right out of the box then that means you have an unusual Network/Multisite setup and will need to create a custom .htaccess solution.

    Plugin Author AITpro

    (@aitpro)

    Wanted to mention this also. So the test site that we created to intentionally try to break the WP htaccess code creation has a final URL/structure of this: subdomain.example.com and if this site was setup using the optimum Network/Multisite choices that are already available then the best installation type would be a subdomain Network/Multisite installation installed in a root folder. The point is this: since we were intentionally trying to break the WP htaccess creation code we intentionally installed things “wrong”/not using the best choice of installation method/type, which required creating custom htaccess rewriting code. So if the site was installed using the “correct”/best choice of installation method/type then everything would work fine without having to create custom htaccess rewriting code. So you may want to think about the possibility of maybe your choice of installation method is not an optimum choice and the site should be reinstalled using one of the optimum Network/Multisite site types and methods/choices.

    Plugin Author AITpro

    (@aitpro)

    BPS Custom Code has a special additional Custom Code text box for Network/Multisite sites for exactly this reason/scenario/possibility so that you can save your customized htaccess Rewrite code permanently.

    Note: the code below is example code and is not the code you may need for your particular website. This example code is only for showing what the top and bottom sections of the WordPress Rewrite code look like generally.

    This Custom Code text box: CUSTOM CODE WP REWRITE LOOP START: www/non-www http/https Rewrite code here
    Is where you would add the top section of your WordPress Rewrite code.

    # WP REWRITE LOOP START
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    
    # add a trailing slash to /wp-admin
    RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]

    This special additional Custom Code text box: CUSTOM CODE WP REWRITE LOOP END: Add WP Rewrite Loop End code here
    Is where you would add the bottom section of your WordPress Rewrite Code.

    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^ - [L]
    RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) example.com/wordpress/$2 [L]
    RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ example.com/wordpress/$2 [L]
    RewriteRule . index.php [L]
    # WP REWRITE LOOP END

    Plugin Author AITpro

    (@aitpro)

    One last important bit of information about site architecture/structure and htaccess files in a parent/child environment/relationship is this: htaccess files are hierchical/recursive so a parent site htaccess file (root folder) will affect a child site (subfolder). In order to not have that happen or to compartmentalize htaccess file rules/files you would use the methods in this forum topic: https://forum.ait-pro.com/forums/topic/htaccess-files-for-multiple-website-domains/

    Thread Starter johdburr

    (@johdburr)

    Thanks again for all this additional information!

    Yes, I ve been quite aware of the possible problems with unusual WP mulitiste installation schemes. Actually, I first tried a multisite installation in its own sub directory. But changed my mind exactly because of such problems with BPS – or let’s say: because of the need of special .htaccess knowledge – and did a clean reinstall at root level…

    Nevertheless, something got obviously wrong. That’s why I ve been using the custom code text box of BPS already.

    It seems that there are still some inconsistencies in my installation. Probably because of the fact, that – as I remember – I once switched the main site for a subsite and revoked it later. That means: I made a subsite to the main site and vice versa and corrected it back later. This, of course, is a little bit beyond the usual WP multisite installation procedure… I wonder if this might have changed some file permissions…?

    Anyway, as I said: It works finally due to the AutoLock trick. Thanks!

    Plugin Author AITpro

    (@aitpro)

    My knowledge and expertise with Network/Multisite is very limited since my experience is all based on using Network/Multisite from a testing standpoint with the BPS plugin. I do not actually have any Live Production Network/Multisite sites and only have Dev Network sites for testing, bashing, thrashing and trashing purposes. ?? So anyway I would not really be able to offer any “deep” help with a Network site beyond how it relates to BPS.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘403 forbidden error’ is closed to new replies.