Adding Custom Code for subdirectory or subdomain sites


  • #18110
    Jeff Burger
    Participant

    Sorry to bother you. I have looked through the forum but not found an answer.

    We have a root site misahopkins.com and a subdomain/subdirectory members.misahopkins.com, each with its own WordPress installation and BPS. I have gotten BPS working fine on the subdir, including some custom code that DAP needs.

    The main root used to have BPS on it, but the .htaccess got mangled somehow in the process of adding an SSL (one that includes the subdomains) to the root. I spent hours with hosting support just getting to a simplified fix where both the root and subdomain are accessible. It has been working since without BPS protection using only the following:

    # Use PHP5.4 Single php.ini as default
    AddHandler application/x-httpd-php54s .php
    # Custom subdomain .htaccess SSL + WordPress
    RewriteEngine On
    RewriteCond %{HTTP_HOST} ^members.misahopkins.com$
    RewriteCond %{REQUEST_URI} !^/members/
    RewriteRule ^(.*)$ /members/$1
    RewriteCond %{HTTP_HOST} ^members.misahopkins.com$
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(/)?$ members/index.php [L]
    # End custom subdomain .htaccess
    
    # Custom maindomain .htaccess WordPress
    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTP_HOST} ^(www.)?misahopkins.com$
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{HTTP_HOST} ^(www.)?misahopkins.com$
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    # End custom maindomain .htaccess
    
    # BEGIN W3TC Browser Cache
    <IfModule mod_deflate.c>
        <IfModule mod_headers.c>
            Header append Vary User-Agent env=!dont-vary
        </IfModule>
            AddOutputFilterByType DEFLATE text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/html text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon application/json
        <IfModule mod_mime.c>
            # DEFLATE by extension
            AddOutputFilter DEFLATE js css htm html xml
        </IfModule>
    </IfModule>
    # END W3TC Browser Cache
    

    Fast forward to today: I’ve been trying to reactivate BPS. (Note that I only know enough about .htaccess code to make myself dangerous!) I’ve gotten it to work, including manually pasting in the W3TC code. The problem is that now attempts to access the subdomain just lead to the root site. Note that there’s a code block at the very end (that I believe was inserted by a Bluehost hosting tech) and appears there now by virtue of it being in BPS Custom Code editor. I’ve tried adding the #Custom subdomain and #custom maindomain sections from the above simplified fix code in various ways including 1) immediately following the php default and Addhandler lines or 2) replacing the Bluehost code at file end. One of them (I think the former) causes a Wordfence firewall error re too many attempts and the other results in an Internal Server 500 error. Here’s the code (the version that resolves to the root) without the insert attempted:

    #   BULLETPROOF .50.8 >>>>>>> SECURE .HTACCESS     
    [standard BPS root htaccess code deleted - no need to display the default BPS root .htaccess code here]
    
    # BEGIN W3TC Browser Cache
    <IfModule mod_deflate.c>
        <IfModule mod_headers.c>
            Header append Vary User-Agent env=!dont-vary
        </IfModule>
            AddOutputFilterByType DEFLATE text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/html text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon application/json
        <IfModule mod_mime.c>
            # DEFLATE by extension
            AddOutputFilter DEFLATE js css htm html xml
        </IfModule>
    </IfModule>
    # END W3TC Browser Cache
    
    # IMPORTANT!!! DO NOT DELETE!!! the END WordPress text below
    # END WordPress
    
    #Jeff/BlueHost wordpress permalinks configuration (inserted via BPS Custom Code field)
    
    RewriteEngine on
    RewriteCond %{HTTP_HOST} ^misahopkins\.com$ [OR]
    RewriteCond %{HTTP_HOST} ^www\.misahopkins\.com$
    RewriteRule ^root\-of\-all\-healing\-program$ "http\:\/\/misahopkins\.com\/root\-of\-all\-healing\-self\-healing\-program\/" [R=301,L]
    
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    

    A final note in case it’s relevant: The line in the Bluehost code with:

    RewriteRule ^root\-of\-all\-healing\-program$ "http\:\/\/misahopkins\.com\/root\-of\-all\-healing\-self\-healing\-program\/" [R=301,L]

    appears to be a rewrite rule. It appears valid because I have that set up via the Redirection plug-in. Curiously, I have dozens of other redirects set up via Redirection as well, however they don’t show here. They seem to be working, leading me to believe that Redirection doesn’t touch the .htaccess. If memory serves, this particular redirect may have been mysteriously not cooperating via Redirection and someone added it brute force to the .htaccess.

    Sorry for the long message. Your help is GREATLY appreciated!
    Thanks!
    Jeff

    #18113
    AITpro Admin
    Keymaster

    The issue is that your custom .htaccess code needs to be added in the correct BPS Root Custom Code text boxes, saved and then a new Root .htaccess file needs to be created with your custom code.

    1. Copy your php.ini handler .htaccess code and W3TC htaccess Cache code to this BPS Root Custom Code text box: CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE
    2. Copy your Rewrite Loop custom code (# Custom subdomain .htaccess SSL + WordPress and # Custom maindomain .htaccess WordPress) to this BPS Root Custom Code text box: CUSTOM CODE WP REWRITE LOOP START: Add www to non-www/non-www to www code here
    3. Click the Save Root Custom Code button.
    4. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.

    This RewriteRule can be changed below and all of the other code at the end of your htaccess file can be deleted since it will cause infinite redirect loop errors and/or other problems and errors.

    Change this one line of code...
    RewriteRule ^root\-of\-all\-healing\-program$ "http\:\/\/misahopkins\.com\/root\-of\-all\-healing\-self\-healing\-program\/" [R=301,L]
    
    ...to this...
    RedirectMatch 301 ^root-of-all-healing-program$ http://misahopkins.com/root-of-all-healing-self-healing-program/
    
    #18120
    Jeff Burger
    Participant

    Thanks so much for your prompt response, Keymaster. I believe I’ve done as you instructed, but attempts at accessing members.misahopkins.com yield the following (URL bar reads https://members.misahopkins.com/):

    Internal Server Error
    The server encountered an internal error or misconfiguration and was unable to complete your request.
    Please contact the server administrator, webmaster@misahopkins.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.
    More information about this error may be available in the server error log.
    Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.

    Here’s that .htaccess:

    #   BULLETPROOF .50.8 >>>>>>> SECURE .HTACCESS     
    [standard BPS code deleted]
    # CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE
    AddHandler application/x-httpd-php54 .php
    
    # BEGIN W3TC Browser Cache
            Header append Vary User-Agent env=!dont-vary
        
            AddOutputFilterByType DEFLATE text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/html text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon application/json
        
            # DEFLATE by extension
            AddOutputFilter DEFLATE js css htm html xml
    
    [standard BPS code deleted]
    
    # CUSTOM CODE WP REWRITE LOOP START
    # Use PHP5.4 Single php.ini as default
    AddHandler application/x-httpd-php54s .php
    # Custom subdomain .htaccess SSL + WordPress
    RewriteEngine On
    RewriteCond %{HTTP_HOST} ^members.misahopkins.com$
    RewriteCond %{REQUEST_URI} !^/members/
    RewriteRule ^(.*)$ /members/$1
    RewriteCond %{HTTP_HOST} ^members.misahopkins.com$
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(/)?$ members/index.php [L]
    # End custom subdomain .htaccess
    
    # Custom maindomain .htaccess WordPress
    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTP_HOST} ^(www.)?misahopkins.com$
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{HTTP_HOST} ^(www.)?misahopkins.com$
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    # End custom maindomain .htaccess
    
    [standard BPS code deleted]
    
    # CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE
    #Jeff/BlueHost wordpress permalinks configuration
    
    RewriteEngine on
    RewriteCond %{HTTP_HOST} ^misahopkins\.com$ [OR]
    RewriteCond %{HTTP_HOST} ^www\.misahopkins\.com$
    RedirectMatch 301 ^root-of-all-healing-program$ http://misahopkins.com/root-of-all-healing-self-healing-program/
    
    #18122
    AITpro Admin
    Keymaster

    FTP to your website, download the root .htaccess file, edit this code below and delete all of the code except for the RedirectMatch line of code, upload the root .htaccess file back to your website.

    RewriteEngine on
    RewriteCond %{HTTP_HOST} ^misahopkins\.com$ [OR]
    RewriteCond %{HTTP_HOST} ^www\.misahopkins\.com$
    RedirectMatch 301 ^root-of-all-healing-program$ http://misahopkins.com/root-of-all-healing-self-healing-program/

    This is all that should remain of the code above.  Now do the same thing in the BPS Custom Code text box.

    RedirectMatch 301 ^root-of-all-healing-program$ http://misahopkins.com/root-of-all-healing-self-healing-program/
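
An added example, not part of the original posts or of BulletProof Security: a small Python check for four mistakes visible in the .htaccess excerpts in this thread (two AddHandler lines for .php, unescaped dots in HTTP_HOST patterns, RewriteCond lines with no RewriteRule after them, and a RedirectMatch pattern without a leading slash; mod_alias matches that pattern against the URL-path, which always begins with "/"). The function name, the finding codes and the sample text are constructed for illustration.

```python
import re

# Constructed excerpt: directives quoted from the root .htaccess in post #18120,
# without the "[standard BPS code deleted]" placeholders.
SAMPLE = r"""
AddHandler application/x-httpd-php54 .php
AddHandler application/x-httpd-php54s .php
RewriteEngine On
RewriteCond %{HTTP_HOST} ^members.misahopkins.com$
RewriteCond %{REQUEST_URI} !^/members/
RewriteRule ^(.*)$ /members/$1
RewriteEngine on
RewriteCond %{HTTP_HOST} ^misahopkins\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.misahopkins\.com$
RedirectMatch 301 ^root-of-all-healing-program$ http://misahopkins.com/root-of-all-healing-self-healing-program/
""".strip()

STATUS_WORDS = {"permanent", "temp", "seeother", "gone"}  # RedirectMatch status keywords


def lint_htaccess(text):
    """Return (line_number, code, message) findings; the codes are made up for this example."""
    findings, handlers, pending = [], {}, []

    def flush_orphans():
        # Conditions still pending here never reached a RewriteRule of their own.
        for cond_line in pending:
            findings.append((cond_line, "ORPHAN_COND",
                             "RewriteCond is not followed by a RewriteRule"))
        pending.clear()

    for n, raw in enumerate(text.splitlines(), 1):
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue
        name = parts[0].lower()
        if name not in ("rewritecond", "rewriterule"):
            flush_orphans()
        if name == "rewritecond" and len(parts) >= 3:
            pending.append(n)
            # Drop [...] classes, then look for a dot that is not backslash-escaped.
            pattern = re.sub(r"\[[^\]]*\]", "", parts[2])
            if parts[1].upper() == "%{HTTP_HOST}" and re.search(r"(?<!\\)\.", pattern):
                findings.append((n, "HOST_DOT",
                                 "unescaped '.' in host pattern matches any character"))
        elif name == "rewriterule":
            pending.clear()  # the rule consumes the conditions above it
        elif name == "redirectmatch" and len(parts) >= 3:
            has_status = parts[1].isdigit() or parts[1].lower() in STATUS_WORDS
            regex = parts[2] if has_status else parts[1]
            # The URL-path starts with "/", so "^" followed by a literal cannot match.
            if re.match(r"\^[A-Za-z0-9_-]", regex):
                findings.append((n, "REDIRECT_ANCHOR",
                                 "pattern is anchored with ^ but does not start with /"))
        elif name == "addhandler" and len(parts) >= 3:
            for ext in parts[2:]:
                first = handlers.setdefault(ext.lower(), (parts[1], n))
                if first[0].lower() != parts[1].lower():
                    findings.append((n, "HANDLER_CONFLICT",
                                     f"{ext} already mapped to {first[0]} on line {first[1]}"))
    flush_orphans()
    return findings


if __name__ == "__main__":
    for line_no, code, message in lint_htaccess(SAMPLE):
        print(f"line {line_no}: {code}: {message}")
```
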
    #18125
    Jeff Burger
    Participant

    Sorry, not trying to be a pain. Unfortunately, I’ve done what you suggested and still no love. Tried activating BulletProof Mode (after making the Custom Code change). Here’s the resulting code:

    #   BULLETPROOF .50.8 >>>>>>> SECURE .HTACCESS     
    
    [default BPS code deleted]
    
    # CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE
    # Use PHP5.4 as default
    AddHandler application/x-httpd-php54 .php
    
    # BEGIN W3TC Browser Cache
    <IfModule mod_deflate.c>
        <IfModule mod_headers.c>
            Header append Vary User-Agent env=!dont-vary
        </IfModule>
            AddOutputFilterByType DEFLATE text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/html text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon application/json
        <IfModule mod_mime.c>
            # DEFLATE by extension
            AddOutputFilter DEFLATE js css htm html xml
        </IfModule>
    </IfModule>
    # END W3TC Browser Cache
    
    [default BPS code deleted]
    
    # CUSTOM CODE WP REWRITE LOOP START
    # Use PHP5.4 Single php.ini as default
    AddHandler application/x-httpd-php54s .php
    # Custom subdomain .htaccess SSL + WordPress
    RewriteEngine On
    RewriteCond %{HTTP_HOST} ^members.misahopkins.com$
    RewriteCond %{REQUEST_URI} !^/members/
    RewriteRule ^(.*)$ /members/$1
    RewriteCond %{HTTP_HOST} ^members.misahopkins.com$
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(/)?$ members/index.php [L]
    # End custom subdomain .htaccess
    
    # Custom maindomain .htaccess WordPress
    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTP_HOST} ^(www.)?misahopkins.com$
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{HTTP_HOST} ^(www.)?misahopkins.com$
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    # End custom maindomain .htaccess
    [default BPS code deleted]
    
    [Crap did not catch this before - this is going to be a problem]
    
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    # WP REWRITE LOOP END
    
    [default BPS code deleted]
    
    # CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE
    #Jeff/BlueHost wordpress permalinks configuration
    
    RedirectMatch 301 ^root-of-all-healing-program$ http://misahopkins.com/root-of-all-healing-self-healing-program/
    
    

    BTW, the other subdirectories/subdomains under this same root access just fine. The problem is only about accessing members.misahopkins.com… which I’m 99% sure accessed fine before I started editing this root .htaccess file. I’m including here in case the problem lies there. Note the manual addition of the DAP section because I didn’t find any intel on how to add it via BPS Custom Code boxes:

    Thanks for all you’re doing!
    Jeff

    #18126
    AITpro Admin
    Keymaster

    To be honest with you the code you are currently using for the Rewrite from subdomain to main domain is overly complex, but I assume the reason for that is because “members” is not a true subdomain website and is really a subdirectory website being rewritten as a subdomain. Seems to me it would be much simpler to make the “members” site a true subdomain site with an A or CNAME record pointing to the /members subdomain site/folder.

    /members
    /main site in the root folder

    #18129
    AITpro Admin
    Keymaster

    Ok actually I see several problems and not sure why I was blanking out, but actually due to the way you have customized the Rewrite code you will have to do a DIY / manually roll your own thing.  BUT I see a big problem with both sites actually being protected correctly.  Normally each site has its own htaccess file, which is what you want.  It is a bad practice NOT to compartmentalize security / htaccess files and I am sure that endless problems will occur because of doing things the way you are currently doing things. What I recommend is that you make the “members” website a true subdomain site. Then you will not need the Rewrite code you created because each site will naturally work normally by following the rules in each of their respective htaccess files. In other words, things will just work.

    I can tell you how to do the DIY / Roll your own, but I would be doing that against everything that I know about creating good site architecture/structures and I am 100% sure that both of these sites will have constant ongoing problems by doing things the way they are being done right now.

    #18133
    Jeff Burger
    Participant

    Keymaster,

    Thanks for your hanging in there with me. Like you, I would like this to be done according with best practice and am not going to ask you how to tell me to do it the wrong way and perpetuate problems. 🙂 That said, would you be kind enough to elaborate further on how to do it right? (Remember, I only know enough to make myself dangerous.)

    I’m not sure how to get from the current way the subdomain is setup to the “true subdomain” (with A or CNAME etc.) you suggest. FYI, the root domain name misahopkins.com is registered at Godaddy.com (where it says “0 subdomains forwarded”). The actual misahopkins.com site is hosted at Bluehost, where members is a subdirectory. I’m not really sure how the members subdomain got set up.

    Additional intel in Bluehost cpanel: When I go to Subdomains, I see members along with my other subdomains (which all seem to be accessing correctly). Some have redirects, some don’t. The members subdomain says Redirect traffic for members.misahopkins.com to this URL: \.(htaccess|htpasswd|errordocs|logs)$. On the other hand, when I go to Domains, I see my other subdomains (the ones that work correctly) but not our members problem child.

    Can you please give me more of a step-by-step on changing the actual way the subdomain is set up. Or is it as simple as removing members from cPanel > Subdomains and creating an Addon in cPanel > Assign Domain?

    From what I understood, once this foundation is squared away, then I revisit BPS as follows:
    On main misahopkins.com site I used Custom Code only for the W3TC insert.
    On members.misahopkins.com I either leave it the same or use Custom Code to insert the DAP code automatically… using which Custom Code box, please?

    Thanks… you rock!
    Jeff

    #18134
    AITpro Admin
    Keymaster

    Thanks for not asking me to do something fubar and choosing to get this taken care of the right way. 😉

    You can disregard anything regarding Go Daddy since the site is Hosted on BlueHost. These links below show how to setup / create a CNAME record for the “members” subdomain site. What neither of these links are telling you to do first that should be done first is to create a folder named /members in the Hosting Account Root folder then create your CNAME or A record and point to the /members folder. Pointing just means enter “members” to point to the /members folder. After you have the DNS setup then you will need to migrate/move the “members” website from where it is now to this new /members folder.

    Creating a CNAME or A Record on BlueHost
    https://my.bluehost.com/cgi/help/cname
    http://support.unbounce.com/entries/20827562-How-do-I-set-up-my-CNAME-with-BlueHost-my-bluehost-com-

    Choosing whether to use a CNAME or A record
    http://stackoverflow.com/questions/2861372/mydomain-com-a-record-or-cname

    See this WordPress Codex page for how to Move/Migrate a WordPress website:
    http://codex.wordpress.org/Moving_WordPress

    #18143
    Jeff Burger
    Participant

    Thanks. OK, I’m fastening my seat belt!

    Just to be clear before I tackle this, I want to get clear about location when you say “first is to create a folder named /members in the Hosting Account Root folder”, please.

    I log into the highest possible level of my cPanel File Manager, which they term home directory. The top of the file manager directory tree says /home2/username. misahopkins.com is not in a dedicated folder. To get to it, I click on public_html (the path displays /public_html). Inside that are the wp-content files, etc. for misahopkins.com (public_html/wp-content et al.) The members subdirectory is at the SAME hierarchical level as the root directory’s wp-content (i.e. /public_html/members). Is that where it’s supposed to be or are you suggesting that it needs to be in parallel with /public_html?

    And it looks like I need to create members as an Addon domain in order to be able to assign it an A or CNAME record, right?

    Thanks so much!
    Jeff

    #18145
    AITpro Admin
    Keymaster

    The /public_html/ folder is the Hosting Account root folder and is the Document Root folder.

    Typically a single forward slash “/” is used to indicate the Hosting Account/Document root folder, which means the same thing as /public_html/ (or on Go Daddy the root folder is /html/ or on some hosts it is /htdocs/, etc.). The relationship of “/” to /members/ is parent/child, but since the /members/ website has its own htaccess files then it will follow the rules in the /members/.htaccess file instead of the rules in the /.htaccess file in the Hosting Account root folder.

    / is equal to /public_html/
    /members/ is equal to /public_html/members/

    And it looks like I need to create members as an Addon domain in order to be able to assign it an A or CNAME record, right?

    On Go Daddy you do have to associate the subdomain with the primary domain under another control panel as well as doing the DNS stuff.  I believe that is very similar if not the same exact thing as an addon domain on other Hosts. On HostGator you do also add the domain as an addon and create the CNAME or A record. We do not have a BlueHost test Hosting account. From the links above it looks like you just do the DNS stuff and do not need to do anything else, but you should ask BlueHost if you need to do that.

    Looks like the answer is Yes, you do need to create “members” as an addon domain associated to the misahopkins.com domain.
    https://my.bluehost.com/cgi/help/326

    #18162
    Jeff Burger
    Participant

    So it sounds to me like the members dir is already in the right place at /members, yes? So I don’t need to move it, I just need to get the A or CNAME wired up, right?

    I’ve read the links. Do I need to first setup members as an addon domain (if that’s even possible)?

    So I go to DNS Zone Editor, and select misahopkins.com as the domain. It gives me a list of Zone File Records > A (Host) that already includes members and www.members (as well as all my other addon domains). So isn’t this already set up? Am I supposed to delete those entries and set them up as CNAMEs instead?

    Sorry… looks like our emails crossed. OK, I’ll look into how to do an addon with a subdomain. Getting late here on the East Coast. I’ll probably call Bluehost in the AM and see if they can help me drive this home.

    Thanks for your patience!
    Jeff

    #18167
    AITpro Admin
    Keymaster

    Sounds like everything is almost setup the way it needs to be setup.  I agree that the best thing to do would be to get a BlueHost tech involved to make sure that everything is setup correctly.
