gabrielpioaru

Solved!

I’ve deleted from php.ini this line
auto_prepend_file = ‘/home/username/website.com/wordfence-waf.php

It might be one in .htaccess. Remove that if it’s there!

I’ve posted de wrong .htaccess file, sorry.
Here is the right one.

<Files xmlrpc.php>
Allow from deny
</Files>
# END GOTMLS Patch to Block XMLRPC Access
<IfModule mod_rewrite.c>
RewriteEngine On
#Replace ?mysite\.com/ with your blog url
RewriteCond %{HTTP_REFERER} !^https://(.+\.)gabriel.pioaru.ro [NC]
RewriteCond %{HTTP_REFERER} !^$
</IfModule>
# BEGIN s2Member GZIP exclusions
<IfModule rewrite_module>
RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} (^|\?|&)s2member_file_download\=.+ [OR]
RewriteCond %{QUERY_STRING} (^|\?|&)no-gzip\=1
RewriteRule .* – [E=no-gzip:1]
</IfModule>
# END s2Member GZIP exclusions
# Begin redirect www to no-www
<IfModule rewrite_module>
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
</IfModule>
# END redirect www to no-www
# BEGIN rlrssslReallySimpleSSL rsssl_version[2.4.3]
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

<IfModule mod_expires.c>
# Enable expirations
ExpiresActive On
# Default directive
ExpiresDefault “access plus 1 month”
# My favicon
ExpiresByType image/x-icon “access plus 1 year”
# Images
ExpiresByType image/gif “access plus 1 month”
ExpiresByType image/png “access plus 1 month”
ExpiresByType image/jpg “access plus 1 month”
ExpiresByType image/jpeg “access plus 1 month”
# CSS
ExpiresByType text/css “access 1 month”
# Javascript
ExpiresByType application/javascript “access plus 1 year”
</IfModule>
<ifModule mod_headers.c>
Header unset ETag
</ifModule>
FileETag None

here is my .htaccess file

<Files xmlrpc.php>
Allow from deny
</Files>
# END GOTMLS Patch to Block XMLRPC Access
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^https://(.+\.)gabriel.pioaru.ro [NC]
RewriteCond %{HTTP_REFERER} !^$
</IfModule>
# BEGIN s2Member GZIP exclusions
<IfModule rewrite_module>
RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} (^|\?|&)s2member_file_download\=.+ [OR]
RewriteCond %{QUERY_STRING} (^|\?|&)no-gzip\=1
RewriteRule .* – [E=no-gzip:1]
</IfModule>
# END s2Member GZIP exclusions
# Begin redirect www to no-www
<IfModule rewrite_module>
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
</IfModule>
# END redirect www to no-www
# BEGIN rlrssslReallySimpleSSL rsssl_version[2.4.3]
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL
<IfModule mod_expires.c>
# Enable expirations
ExpiresActive On
# Default directive
ExpiresDefault “access plus 1 month”
# My favicon
ExpiresByType image/x-icon “access plus 1 year”
# Images
ExpiresByType image/gif “access plus 1 month”
ExpiresByType image/png “access plus 1 month”
ExpiresByType image/jpg “access plus 1 month”
ExpiresByType image/jpeg “access plus 1 month”
# CSS
ExpiresByType text/css “access 1 month”
# Javascript
ExpiresByType application/javascript “access plus 1 year”
</IfModule>
<ifModule mod_headers.c>
Header unset ETag
</ifModule>
FileETag None

I’ve enabled wp_debug, wp_debug_log and wp_debug_display but i can’t find them anywhere, as in wp-content or root folder can’t see them…
I have ispconfig so i don’t have a file manager. I just use ftp to manage the files