eamonlaser
Forum Replies Created
-
Actually, I decided to stop the scan because I downloaded the log file and it just says the same thing as the browser console did:
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 3, 2020, 6:15 pm][Scanner] Files: 4907*******************************************
then it continues for the next 15 hours…
*******************************************[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:24 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:25 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:25 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:25 am][Scanner] ERROR: Unable to open file /home/musicatstpeters/.htaccess
[August 4, 2020, 9:25 am][Scanner] Files: 4907Thanks – I set up diagnostic logging and started a scan yesterday evening at 5.56pm. It is now 9.19am and the scan still hasn’t completed:
Started August 3, 2020, 5:56 pm
Finished
Duration 923.18 minutes
Performance 0 KB/sec
Mode Full, ManualShould I stop the scan?
And are there any 404 Detection notices visible in the plugin Logs page ?
(Note you need to scroll through all logs pages to get the complete picture).There are 27 pages of 404 logs in the last 24 hours. 224 pages of logs in total. What are we looking for exactly?
Also please post the content of your .htaccess file.
Here is the .htaccess file:
# BEGIN iThemes Security – Do not modify or remove this line
# iThemes Security Config Details: 2
# Enable HackRepair.com’s blacklist feature – Security > Settings > Banned Users > Default Blacklist
# Start HackRepair.com Blacklist
RewriteEngine on
# Start Abuse Agent Blocking
RewriteCond %{HTTP_USER_AGENT} “^Mozilla.*Indy” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Mozilla.*NEWT” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^$” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Maxthon$” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^SeaMonkey$” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Acunetix” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^binlar” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^BlackWidow” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Bolt 0” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^BOT for JCE” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Bot mailto\:craftbot@yahoo\.com” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^casper” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^checkprivacy” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^ChinaClaw” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^clshttp” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^cmsworldmap” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Custo” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Default Browser 0” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^diavol” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^DIIbot” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^DISCo” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^dotbot” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Download Demon” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^eCatch” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^EirGrabber” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^EmailCollector” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^EmailSiphon” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^EmailWolf” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Express WebPictures” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^extract” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^ExtractorPro” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^EyeNetIE” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^feedfinder” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^FHscan” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^FlashGet” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^flicky” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^g00g1e” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^GetRight” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^GetWeb\!” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Go\!Zilla” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Go\-Ahead\-Got\-It” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^grab” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^GrabNet” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Grafula” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^harvest” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^HMView” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Image Stripper” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Image Sucker” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^InterGET” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Internet Ninja” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^InternetSeer\.com” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^jakarta” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Java” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^JetCar” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^JOC Web Spider” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^kanagawa” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^kmccrew” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^larbin” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^LeechFTP” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^libwww” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Mass Downloader” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^microsoft\.url” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^MIDown tool” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^miner” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Mister PiX” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^MSFrontPage” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Navroad” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^NearSite” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Net Vampire” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^NetAnts” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^NetSpider” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^NetZIP” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^nutch” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Octopus” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Offline Explorer” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Offline Navigator” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^PageGrabber” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Papa Foto” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^pavuk” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^pcBrowser” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^PeoplePal” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^planetwork” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^psbot” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^purebot” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^pycurl” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^RealDownload” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^ReGet” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Rippers 0” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^sitecheck\.internetseer\.com” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^SiteSnagger” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^skygrid” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^SmartDownload” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^sucker” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^SuperBot” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^SuperHTTP” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Surfbot” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^tAkeOut” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Teleport Pro” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Toata dragostea mea pentru diavola” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^turnit” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^vikspider” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^VoidEYE” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Web Image Collector” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^WebAuto” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^WebBandit” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^WebCopier” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^WebFetch” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^WebGo IS” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^WebLeacher” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^WebReaper” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^WebSauger” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Website eXtractor” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Website Quester” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^WebStripper” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^WebWhacker” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^WebZIP” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Widow” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^WPScan” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^WWW\-Mechanize” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^WWWOFFLE” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Xaldon WebSpider” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^Zeus” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “^zmeu” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “360Spider” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “CazoodleBot” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “discobot” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “EasouSpider” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “ecxi” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “GT\:\:WWW” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “heritrix” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “HTTP\:\:Lite” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “HTTrack” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “ia_archiver” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “id\-search” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “IDBot” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “Indy Library” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “IRLbot” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “ISC Systems iRc Search 2\.1” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “LinksCrawler” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “LinksManager\.com_bot” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “linkwalker” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “lwp\-trivial” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “MFC_Tear_Sample” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “Microsoft URL Control” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “Missigua Locator” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “MJ12bot” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “panscient\.com” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “PECL\:\:HTTP” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “PHPCrawl” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “PleaseCrawl” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “SBIder” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “SearchmetricsBot” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “SeznamBot” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “Snoopy” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “Steeler” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “URI\:\:Fetch” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “urllib” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “Web Sucker” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “webalta” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “WebCollage” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “Wells Search II” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “WEP Search” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “XoviBot” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “YisouSpider” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “zermelo” [NC,OR]
RewriteCond %{HTTP_USER_AGENT} “ZyBorg” [NC,OR]
# End Abuse Agent Blocking
# Start Abuse HTTP Referrer Blocking
RewriteCond %{HTTP_REFERER} “^https?://(?:[^/]+\.)?semalt\.com” [NC,OR]
RewriteCond %{HTTP_REFERER} “^https?://(?:[^/]+\.)?kambasoft\.com” [NC,OR]
RewriteCond %{HTTP_REFERER} “^https?://(?:[^/]+\.)?savetubevideo\.com” [NC]
# End Abuse HTTP Referrer Blocking
RewriteRule ^.* – [F,L]
# End HackRepair.com Blacklist, https://pastebin.com/u/hackrepair# Protect System Files – Security > Settings > System Tweaks > System Files
<files .htaccess>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order allow,deny
Deny from all
</IfModule>
</files>
<files readme.html>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order allow,deny
Deny from all
</IfModule>
</files>
<files readme.txt>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order allow,deny
Deny from all
</IfModule>
</files>
<files wp-config.php>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order allow,deny
Deny from all
</IfModule>
</files># Disable Directory Browsing – Security > Settings > System Tweaks > Directory Browsing
Options -Indexes<IfModule mod_rewrite.c>
RewriteEngine On# Protect System Files – Security > Settings > System Tweaks > System Files
RewriteRule ^wp-admin/install\.php$ – [F]
RewriteRule ^wp-admin/includes/ – [F]
RewriteRule !^wp-includes/ – [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ – [F]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php – [F]
RewriteRule ^wp-includes/theme-compat/ – [F]# Disable PHP in Uploads – Security > Settings > System Tweaks > PHP in Uploads
RewriteRule ^wp\-content/uploads/.*\.(?:php[1-7]?|pht|phtml?|phps)$ – [NC,F]# Filter Request Methods – Security > Settings > System Tweaks > Request Methods
RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK) [NC]
RewriteRule ^.* – [F]# Filter Suspicious Query Strings in the URL – Security > Settings > System Tweaks > Suspicious Query Strings
RewriteCond %{QUERY_STRING} \.\.\/ [OR]
RewriteCond %{QUERY_STRING} \.(bash|git|hg|log|svn|swp|cvs) [NC,OR]
RewriteCond %{QUERY_STRING} etc/passwd [NC,OR]
RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
RewriteCond %{QUERY_STRING} ftp: [NC,OR]
RewriteCond %{QUERY_STRING} https?: [NC,OR]
RewriteCond %{QUERY_STRING} (<|%3C)script(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR]
RewriteCond %{QUERY_STRING} base64_decode\( [NC,OR]
RewriteCond %{QUERY_STRING} %24&x [NC,OR]
RewriteCond %{QUERY_STRING} 127\.0 [NC,OR]
RewriteCond %{QUERY_STRING} (globals|encode|localhost|loopback) [NC,OR]
RewriteCond %{QUERY_STRING} (concat|insert|union|declare) [NC,OR]
RewriteCond %{QUERY_STRING} %[01][0-9A-F] [NC]
RewriteCond %{QUERY_STRING} !^loggedout=true
RewriteCond %{QUERY_STRING} !^action=jetpack-sso
RewriteCond %{QUERY_STRING} !^action=rp
RewriteCond %{HTTP_COOKIE} !wordpress_logged_in_
RewriteCond %{HTTP_REFERER} !^https://maps\.googleapis\.com
RewriteRule ^.* – [F]# Filter Non-English Characters – Security > Settings > System Tweaks > Non-English Characters
RewriteCond %{QUERY_STRING} %[A-F][0-9A-F] [NC]
RewriteRule ^.* – [F]
</IfModule><IfModule mod_rewrite.c>
RewriteEngine On# Reduce Comment Spam – Security > Settings > WordPress Tweaks > Comment Spam
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} /wp-comments-post\.php$
RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
RewriteCond %{HTTP_REFERER} !^https?://(([^/]+\.)?org\.uk|jetpack\.wordpress\.com/jetpack-comment)(/|$) [NC]
RewriteRule ^.* – [F]
</IfModule>
# END iThemes Security – Do not modify or remove this line# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule># END WordPress
Yes, it is.
Forum: Plugins
In reply to: [404 Solution] WordPress backend won’t load following server moveThanks Aaron, sorry for the delay in replying, I’d been trying to get enough time to download the file (it’s so big it looks like it’ll take hours to download)
I moved the existing plugin into another directory to disable it, then it was possible to install the newer version of the plugin to get that all working. The plugin and website now load fine.
If you still want me to send you the last 1000 lines of the log file I can do this, but it will need to wait until I have time to go through the download process because 64GB seems to be a bit big for my FTP and internet connection to cope with!
If you don’t need this file, it would be easier for me to just delete it. Let me know if it’s useful to you.
Thanks for your help, much appreciated!
I’ve now got the site running on PHP 5.5 and we are not getting these errors, so it looks like that’s the problem. We are able to try the site on these versions of PHP (if this helps) 5.5, 5.6, 7.0, 7.1
The original site is running on PHP 5, the new server is running on PHP 7.1 so that is certainly one of the differences. Not sure if I can make this site run on PHP 5 in its current location.
Thanks – that would be a good first step! The error I get when I activate the events manager plugin is below. The server is running PHP 7.1
Fatal error: Uncaught Error: [] operator not supported for strings in /home/testsite/public_html/wp-content/plugins/events-manager/classes/em-events.php:63 Stack trace: #0 /home/testsite/public_html/wp-content/plugins/events-manager/classes/em-events.php(124): EM_Events::get(Array, true) #1 /home/testsite/public_html/wp-content/plugins/events-manager/admin/em-admin.php(21): EM_Events::count(Array) #2 /home/testsite/public_html/wp-includes/class-wp-hook.php(298): em_admin_menu(”) #3 /home/testsite/public_html/wp-includes/class-wp-hook.php(323): WP_Hook->apply_filters(NULL, Array) #4 /home/testsite/public_html/wp-includes/plugin.php(453): WP_Hook->do_action(Array) #5 /home/testsite/public_html/wp-admin/includes/menu.php(149): do_action(‘admin_menu’, ”) #6 /home/testsite/public_html/wp-admin/menu.php(282): require_once(‘/home/thamenews…’) #7 /home/testsite/public_html/wp-admin/admin.php(138): require(‘/home/thamenews…’) #8 /home/testsite/public_html/wp-admin/plugins.php in /home/testsite/public_html/wp-content/plugins/events-manager/classes/em-events.php on line 63
Did you find an answer to this? I’ve just set up the Woocommerce plugin to a WorldPay account and I seem to be getting the same error. It shows up a payment in WorldPay dashboard but the WP page just shows that error at the top of the page.
Whitelisting the URL worked. I copied the full URL from the error log and pasted it into the whitelist of the 404 detection settings and saved that. The errors stopped straight away, and as the URL is nonsense I feel this fix probably won’t cause any problems in the future.
Mine too – Windows server, WP 4.6.1, iThemes Security Version 5.7.0
/wp-content/plugins/better-wp-security/E:/domains/**REMOVED**/www/wp-content/plugins/better-wp-security/core/modules/strong-passwords/js/script.js
Looks like its jumbled the URL up and that’s causing a 404 error because the URL is rubbish.
I read somewhere else about whitelisting that URL so I might try that, but I don’t like editing the security plugin’s settings like this!
Hi – following on from this question, the submit button in my form is too small – I can read the text “Sub” but by playing with the CSS in Firebug I can see that the text should read “Submit form”. The blue rounded corner button isn’t wide enough to display all of this.
Is there a way to control the width of the button?
Hi – just installed the contact bank form on my site and found it very quick and easy to use. I just need to edit the submit button (similar to the others who’ve posted here) – I believe I’ve installed the latest version, but can’t see any options to control the submit text or the colour of the button.
Hope to get an update soon!
Usually the url to run the restore script will be whatever your domain name is e.g. https://yourdomainname.com/restore.php
(This assumes you have uploaded the restore file and your backup zip to the root)
If you don’t have a domain name attached to your hosting yet you will have to speak to your hosts to work out how to browse to your hosting. There is usually a way, but it will be different for each host.
Forum: Plugins
In reply to: [Backup and Move Plugin] Backup Hangs?I don’t know the specifics of your situation, but I’ve found that the backup can take some time depending on how big your website is. If you’ve got pretty standard/basic WordPress installation it can take only a matter of seconds, but if you’ve got a lot of larger files included in the backup it can take a loooonnnggg time!