htaccess Problem

  • Hello,

    for explanation: i’m using a WordPress with Multisite option and have protected my /wp-admin with htaccess.

    Now while using the plugin “slideshow jqery image gallery” as a widget on my WPMU instance i encounter a htaccess popup asking me for a login every time when i surf through the frontend or clicking a link (all in the frontend which should not be htacces protected).

    Can you help? thx a lot!

    https://www.ads-software.com/extend/plugins/slideshow-jquery-image-gallery/

Viewing 6 replies - 1 through 6 (of 6 total)

  • What did you add in your .htaccess file?

    Does the issue happen when the widget is removed? plugin disabled?

    If it’s on pages without the widget, then it sounds like a more general problem to the .htaccess file.

    Maybe remove what you added to .htaccess and just install Better WP Security

    Thread Starter grummel

    (@grummel)

    The htaccess-Entry works fine for two years (see below). the htaccess-popup only occurs in frontend, when the slideshow plugin is active. therefore i think that the plugin perhaps makes a function call or something from the protected wp-admin-Directory.

    some ideas?

    <Directory “PATHTO…/wp-admin”>
    AuthType Basic
    AuthName “Only for Administrator”
    AuthUserFile PATHTO…/.htpasswd
    Require user USERNAME
    </Directory>

    Thread Starter grummel

    (@grummel)

    No ideas where the “slideshow jqery image gallery”-widget calls something from the protected “wp-admin” directory? and if its necessary or not?

    glad for your help!

    I’m having this same problem…
    On my ain .htaccess I added a FilesMatch rule to match wp-login.php only, and I secured the wp-admin directory, requiring a username and password to access it, using Password Protect directories in CPanel (basically adds what Grummel posted to the wp-admin directory’s .htaccess).
    However, on the front end (there should be no requirement for normal visitors to the site to access wp-admin directory, nor wp-login.php page) if this plugin is enabled users are asked to log in. If the plugin is disabled, they are NOT asked.

    How can we make this work????

    I solved this ??

    This is what is needed:

    Edit the SlideShowPlugin.php file, found in the “classes” directory of this plugin.

    Find this string by searching for the word “admin”:

    admin_url(‘admin-ajax.php?action=slideshow_jquery_image_gallery_load_stylesheet&style=’ . $styleName),

    replace with this:

    ‘/home/username/public_html/wp-admin/admin-ajax.php?action=slideshow_jquery_image_gallery_load_stylesheet&style=’ . $styleName,

    where /home/username/public_html/wp-admin/ is the full path, on YOUR SERVER, to your wp-admin folder. Basically, we are replacing

    admin_url(‘…..’)

    with

    ‘PATHTOWPADMIN/……’

    i.e. place it ALL inside the single quote, and remove the parenthesis

    Save the newly edited file, and try to visit your front-end again…it should no longer request the login. This is because PHP is an internal process, so it doesn’t require validation via htpassword, provided it uses server paths, as opposed to WP hooks or publically-accessible urls.

    Hope this helps ??

    What version was this fix for? The latest, 2.2.20 does not seem to have this code.

    Help,

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘htaccess Problem’ is closed to new replies.