You don’t have permission to access /wp-login.php on this server


Viewing 15 posts - 1 through 15 (of 18 total)
    #10681
    SamWylde
    Participant

    Hello,

    When I install Bulletproof and activate the secure .htaccess, I am unable to log in to WordPress.

    I always get:
    Forbidden
    You don’t have permission to access /wp-login.php on this server.

    Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.

    Is there something I should change to allow me to login and still keep the secure .htaccess?

    #10683
    AITpro Admin
    Keymaster

    The problem is most likely being caused by the new Brute Force Login page protection code that was added to the root .htaccess file.  We will be phasing that code out in BPS Pro 7.7 since it is problematic on about 5% of websites.

    If you are unable to login to your site then use FTP and delete the Root .htaccess file and log into your site and do the steps below.

    Click on the BPS Pro Custom Code menu link.
    Click on the Root htaccess File Custom Code accordion tab.
    Add a pound sign # in this Custom Code Text box: CUSTOM CODE BRUTE FORCE LOGIN PAGE PROTECTION:
    Click the Save Root Custom Code button.
    Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.

    Test logging in and out of your site and let me know the results. Thanks.

    #10684
    Young Master
    Participant

    Are you trying to say that you are going to remove login protection code in BPS Pro 7.7?

    #10685
    SamWylde
    Participant

    Thank you, it works fine now :).


    #10686
    AITpro Admin
    Keymaster

    Nope.  For anyone who already has the Brute Force Login page protection code and it is working fine on their websites then this will not affect those folks.  We have decided to not make this code below standard code in BPS and BPS Pro.  We have a standard/cutoff for acceptable success/fail ratios.  5% fail is the cutoff for standardized code.

    When we release BPS Pro 7.7 we will probably create an Admin Dismiss Notice that explains what to do if you are currently using this code already.

    # BRUTE FORCE LOGIN PAGE PROTECTION
    # Protects the Login page from SpamBots & Proxies
    # that use Server Protocol HTTP/1.0 or a blank User Agent
    RewriteCond %{REQUEST_URI} ^(/wp-login\.php|.*wp-login\.php.*)$
    RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
    RewriteCond %{THE_REQUEST} HTTP/1\.0$ [OR]
    RewriteCond %{SERVER_PROTOCOL} HTTP/1\.0$
    RewriteRule ^(.*)$ - [F,L]

    #10687
    Young Master
    Participant

    Mhmmm!!! There is something I don't understand here… How will this not affect folks who already have the Brute Force Login page protection code and it is working fine on their websites?

    #10688
    AITpro Admin
    Keymaster

    Because we will not be including the code as standard code.  This code is now in the category of optional/Bonus code because it does not meet our standards for standard code.

    The Dismiss Notice will tell you what steps you need to do to save the code permanently to this Custom Code text box:  

    Something like copy this code X from your Root .htaccess file and paste it here Y to save it permanently.

    When I say remove I am saying removal from BPS Pro plugin writing – BPS Pro will no longer create this code.  Not removal from your Root .htaccess file.  The code will not be touched in your Root .htaccess file if it already exists.

    #10695
    Young Master
    Participant

    Well understood Sir. Thank you for your explanations.

    #10748
    SamWylde
    Participant

    I am still getting the same error.

    #10765
    AITpro Admin
    Keymaster

    Check your root .htaccess file.  You can check your root .htaccess file code on the B-Core htaccess File Editor page.  Click the Your Current Root htaccess File tab.  Do you see this code or similar code in your root .htaccess file?

    # BRUTE FORCE LOGIN PAGE PROTECTION
    # Protects the Login page from SpamBots & Proxies
    # that use Server Protocol HTTP/1.0 or a blank User Agent
    RewriteCond %{REQUEST_URI} ^(/wp-login\.php|.*wp-login\.php.*)$
    RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
    RewriteCond %{THE_REQUEST} HTTP/1\.0$ [OR]
    RewriteCond %{SERVER_PROTOCOL} HTTP/1\.0$
    RewriteRule ^(.*)$ - [F,L]

    #30440
    Scott
    Participant

    [Topic has been merged into this relevant Topic]
    I upgraded to pro last week after enduring nonstop brute force attacks triggering user account lockouts (even after following the instruction to create a non-posting user account). Everything went fine with the upgrade, but today my login page is redirecting to a 403 page (for both user accounts).

    http://tonyortega.org/

    I searched this forum and found a few posts recounting similar problems, but which problems may not share the same cause. None of the first steps advised in those posts worked for me. (1) I changed the root .htaccess permissions from 0404 to 0644. (2) I deleted the root .htaccess file. Since there was no change to error message, I restored the root .htaccess file, but I’m still at a loss. (3) I replaced the root .htaccess file with the default.htaccess file found in the /admin folder as suggested on a similar thread. No change. (4) I deleted the BPS folder entirely, and reverted to the default .htaccess file. Slight change–a different error message:

    Forbidden
    You don’t have permission to access /wp-login.php on this server.
    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

    My .htaccess file follows:

    #   BULLETPROOF PRO 11.9.1 SECURE .HTACCESS          
    
    # PHP/PHP.INI HANDLER/CACHE CODE
    # Use BPS Custom Code to add php/php.ini Handler and Cache htaccess code and to save it permanently.
    # Most Hosts do not have/use/require php/php.ini Handler htaccess code
    
    # TURN OFF YOUR SERVER SIGNATURE
    # Suppresses the footer line server version number and ServerName of the serving virtual host
    ServerSignature Off
    
    # DO NOT SHOW DIRECTORY LISTING
    # Disallow mod_autoindex from displaying a directory listing
    # If a 500 Internal Server Error occurs when activating Root BulletProof Mode 
    # copy the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code 
    # and paste it into BPS Custom Code and comment out Options -Indexes 
    # by adding a # sign in front of it.
    # Example: #Options -Indexes
    Options -Indexes
    
    # DIRECTORY INDEX FORCE INDEX.PHP
    # Use index.php as default directory index file. index.html will be ignored.
    # If a 500 Internal Server Error occurs when activating Root BulletProof Mode 
    # copy the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code 
    # and paste it into BPS Custom Code and comment out DirectoryIndex 
    # by adding a # sign in front of it.
    # Example: #DirectoryIndex index.php index.html /index.php
    DirectoryIndex index.php index.html /index.php
    
    # CUSTOM CODE BRUTE FORCE LOGIN PAGE PROTECTION
    # BRUTE FORCE LOGIN PAGE PROTECTION
    # Protects the Login page from SpamBots, HackerBots & Proxies
    # that use Server Protocol HTTP/1.0 or a blank User Agent
    RewriteCond %{REQUEST_URI} ^(/wp-login\.php|.*wp-login\.php.*)$
    RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
    RewriteCond %{THE_REQUEST} HTTP/1\.0$ [OR]
    RewriteCond %{SERVER_PROTOCOL} HTTP/1\.0$
    RewriteRule ^(.*)$ - [F,L]
    
    
    # BPS PRO ERROR LOGGING AND TRACKING
    # Use BPS Custom Code to modify/edit/change this code and to save it permanently.
    # BPS Pro has premade 400 Bad Request, 403 Forbidden, 404 Not Found, 405 Method Not Allowed and 
    # 410 Gone template logging files that are used to track and log 400, 403, 404, 405 and 410 errors 
    # that occur on your website. When a hacker attempts to hack your website the hackers IP address, 
    # Host name, Request Method, Referering link, the file name or requested resource, the user agent 
    # of the hacker and the query string used in the hack attempt are logged.
    # All BPS Pro log files are htaccess protected so that only you can view them. 
    # The 400.php, 403.php, 404.php, 405.php and 410.php files are located in /wp-content/plugins/bulletproof-security/
    # The 400, 403, 405 and 410 Error logging files are already set up and will automatically start logging errors
    # after you install BPS Pro and have activated BulletProof Mode for your Root folder.
    # If you would like to log 404 errors you will need to copy the logging code in the BPS Pro 404.php file
    # to your Theme's 404.php template file. Simple instructions are included in the BPS Pro 404.php file.
    # You can open the BPS Pro 404.php file using the WP Plugins Editor or by using the BPS Pro File Manager.
    # NOTE: By default WordPress automatically looks in your Theme's folder for a 404.php Theme template file.
    
    ErrorDocument 400 /wp-content/plugins/bulletproof-security/400.php
    ErrorDocument 401 default
    ErrorDocument 403 /wp-content/plugins/bulletproof-security/403.php
    ErrorDocument 404 /404.php
    ErrorDocument 405 /wp-content/plugins/bulletproof-security/405.php
    ErrorDocument 410 /wp-content/plugins/bulletproof-security/410.php
    
    # DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS
    # Use BPS Custom Code to modify/edit/change this code and to save it permanently.
    # Files and folders starting with a dot: .htaccess, .htpasswd, .errordocs, .logs
    RedirectMatch 403 \.(htaccess|htpasswd|errordocs|logs)$
    
    # WP-ADMIN/INCLUDES
    # Use BPS Custom Code to remove this code permanently.
    RewriteEngine On
    RewriteBase /
    RewriteRule ^wp-admin/includes/ - [F]
    RewriteRule !^wp-includes/ - [S=3]
    RewriteRule ^wp-includes/[^/]+\.php$ - [F]
    RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F]
    RewriteRule ^wp-includes/theme-compat/ - [F]
    
    # WP REWRITE LOOP START
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    
    # REQUEST METHODS FILTERED
    # If you want to allow HEAD Requests use BPS Custom Code and copy 
    # this entire REQUEST METHODS FILTERED section of code to this BPS Custom Code 
    # text box: CUSTOM CODE REQUEST METHODS FILTERED.
    # See the CUSTOM CODE REQUEST METHODS FILTERED help text for additional steps.
    RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]
    RewriteRule ^(.*)$ - [F]
    RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC]
    RewriteRule ^(.*)$ /wp-content/plugins/bulletproof-security/405.php [L]
    
    # PLUGINS/THEMES AND VARIOUS EXPLOIT FILTER SKIP RULES
    # To add plugin/theme skip/bypass rules use BPS Custom Code.
    # The [S] flag is used to skip following rules. Skip rule [S=12] will skip 12 following RewriteRules.
    # The skip rules MUST be in descending consecutive number order: 12, 11, 10, 9...
    # If you delete a skip rule, change the other skip rule numbers accordingly.
    # Examples: If RewriteRule [S=5] is deleted than change [S=6] to [S=5], [S=7] to [S=6], etc.
    # If you add a new skip rule above skip rule 12 it will be skip rule 13: [S=13]
    
    # Adminer MySQL management tool data populate
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/adminer/ [NC]
    RewriteRule . - [S=12]
    # Comment Spam Pack MU Plugin - CAPTCHA images not displaying 
    RewriteCond %{REQUEST_URI} ^/wp-content/mu-plugins/custom-anti-spam/ [NC]
    RewriteRule . - [S=11]
    # Peters Custom Anti-Spam display CAPTCHA Image
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/peters-custom-anti-spam-image/ [NC] 
    RewriteRule . - [S=10]
    # Status Updater plugin fb connect
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/fb-status-updater/ [NC] 
    RewriteRule . - [S=9]
    # Stream Video Player - Adding FLV Videos Blocked
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/stream-video-player/ [NC]
    RewriteRule . - [S=8]
    # XCloner 404 or 403 error when updating settings
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/xcloner-backup-and-restore/ [NC]
    RewriteRule . - [S=7]
    # BuddyPress Logout Redirect
    RewriteCond %{QUERY_STRING} action=logout&redirect_to=http%3A%2F%2F(.*) [NC]
    RewriteRule . - [S=6]
    # redirect_to=
    RewriteCond %{QUERY_STRING} redirect_to=(.*) [NC]
    RewriteRule . - [S=5]
    # Login Plugins Password Reset And Redirect 1
    RewriteCond %{QUERY_STRING} action=resetpass&key=(.*) [NC]
    RewriteRule . - [S=4]
    # Login Plugins Password Reset And Redirect 2
    RewriteCond %{QUERY_STRING} action=rp&key=(.*) [NC]
    RewriteRule . - [S=3]
    
    # TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE
    # Use BPS Custom Code to modify/edit/change this code and to save it permanently.
    # Remote File Inclusion (RFI) security rules
    # Note: Only whitelist your additional domains or files if needed - do not whitelist hacker domains or files
    RewriteCond %{QUERY_STRING} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC,OR]
    RewriteCond %{THE_REQUEST} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC]
    RewriteRule .* index.php [F]
    # 
    # Example: Whitelist additional misc files: (example\.php|another-file\.php|phpthumb\.php|thumb\.php|thumbs\.php)
    RewriteCond %{REQUEST_URI} (timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC]
    # Example: Whitelist additional website domains: RewriteCond %{HTTP_REFERER} ^.*(YourWebsite.com|AnotherWebsite.com).*
    RewriteCond %{HTTP_REFERER} ^.*tonyortega.org.*
    RewriteRule . - [S=1]
    
    # BEGIN BPSQSE BPS QUERY STRING EXPLOITS
    # The libwww-perl User Agent is forbidden - Many bad bots use libwww-perl modules, but some good bots use it too.
    # Good sites such as W3C use it for their W3C-LinkChecker. 
    # Use BPS Custom Code to add or remove user agents temporarily or permanently from the 
    # User Agent filters directly below or to modify/edit/change any of the other security code rules below.
    RewriteCond %{HTTP_USER_AGENT} (havij|libwww-perl|wget|python|nikto|curl|scan|java|winhttp|clshttp|loader) [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|\)|\(|%0A|%0D|%22|%27|%28|%3C|%3E|%00).*(libwww-perl|wget|python|nikto|curl|scan|java|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR]
    RewriteCond %{THE_REQUEST} (\?|\*|%2a)+(%20+|\\s+|%20+\\s+|\\s+%20+|\\s+%20+\\s+)HTTP(:/|/) [NC,OR]
    RewriteCond %{THE_REQUEST} etc/passwd [NC,OR]
    RewriteCond %{THE_REQUEST} cgi-bin [NC,OR]
    RewriteCond %{THE_REQUEST} (\\r|\\n|%0A|%0D) [NC,OR]
    RewriteCond %{REQUEST_URI} owssvr\.dll [NC,OR]
    RewriteCond %{HTTP_REFERER} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
    RewriteCond %{HTTP_REFERER} \.opendirviewer\. [NC,OR]
    RewriteCond %{HTTP_REFERER} users\.skynet\.be.* [NC,OR]
    RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [NC,OR]
    RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [NC,OR]
    RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC,OR]
    RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC,OR]
    RewriteCond %{QUERY_STRING} (\.\./|%2e%2e%2f|%2e%2e/|\.\.%2f|%2e\.%2f|%2e\./|\.%2e%2f|\.%2e/) [NC,OR]
    RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
    RewriteCond %{QUERY_STRING} http\: [NC,OR] 
    RewriteCond %{QUERY_STRING} https\: [NC,OR]
    RewriteCond %{QUERY_STRING} \=\|w\| [NC,OR]
    RewriteCond %{QUERY_STRING} ^(.*)/self/(.*)$ [NC,OR]
    RewriteCond %{QUERY_STRING} ^(.*)cPath=http://(.*)$ [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*embed.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C)([^e]*e)+mbed.*(>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*object.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C)([^o]*o)+bject.*(>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C)([^i]*i)+frame.*(>|%3E) [NC,OR] 
    RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
    RewriteCond %{QUERY_STRING} base64_(en|de)code[^(]*\([^)]*\) [NC,OR]
    RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
    RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [OR]
    RewriteCond %{QUERY_STRING} ^.*(\(|\)|<|>|%3c|%3e).* [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(\x00|\x04|\x08|\x0d|\x1b|\x20|\x3c|\x3e|\x7f).* [NC,OR]
    RewriteCond %{QUERY_STRING} (NULL|OUTFILE|LOAD_FILE) [OR]
    RewriteCond %{QUERY_STRING} (\.{1,}/)+(motd|etc|bin) [NC,OR]
    RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
    RewriteCond %{QUERY_STRING} concat[^\(]*\( [NC,OR]
    RewriteCond %{QUERY_STRING} union([^s]*s)+elect [NC,OR]
    RewriteCond %{QUERY_STRING} union([^a]*a)+ll([^s]*s)+elect [NC,OR]
    RewriteCond %{QUERY_STRING} \-[sdcr].*(allow_url_include|allow_url_fopen|safe_mode|disable_functions|auto_prepend_file) [NC,OR]
    RewriteCond %{QUERY_STRING} (;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|drop|delete|update|cast|create|char|convert|alter|declare|order|script|set|md5|benchmark|encode) [NC,OR]
    RewriteCond %{QUERY_STRING} (sp_executesql) [NC]
    RewriteRule ^(.*)$ - [F]
    # END BPSQSE BPS QUERY STRING EXPLOITS
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    # WP REWRITE LOOP END
    
    # DENY BROWSER ACCESS TO THESE FILES 
    # Use BPS Custom Code to modify/edit/change this code and to save it permanently.
    # wp-config.php, bb-config.php, php.ini, php5.ini, readme.html
    # To be able to view these files from a Browser, replace 127.0.0.1 with your actual 
    # current IP address. Comment out: #Deny from all and Uncomment: Allow from 127.0.0.1 
    # Note: The BPS System Info page displays which modules are loaded on your server. 
    
    <FilesMatch "^(wp-config\.php|php\.ini|php5\.ini|readme\.html|bb-config\.php)">
    Order Allow,Deny
    Deny from all
    #Allow from 127.0.0.1
    </FilesMatch>
    
    # HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE
    # PLACEHOLDER ONLY
    # Use BPS Custom Code to add custom code and save it permanently here.
    
    
    #30442
    AITpro Admin
    Keymaster

    @ Scott – By doing this troubleshooting step: “(4) I deleted the BPS folder entirely, and reverted to the default .htaccess file. Slight change–a different error message:” you have completely eliminated BPS as the cause of the 403 error on your Login page. Good job! So either another plugin you have installed is causing the 403 error (less likely) or your web host has added brute force attack protection on your host server that is blocking your IP address by mistake (most likely) or your web host has added a mod_security SecRule/SecFilter that is causing the 403 error (less likely). You will need to contact your web host and check with them to see if they are causing the Login page 403 error.

    Another possibility is that you have an htaccess file higher up in your folder structure hierarchy that is causing the 403 error.

    Example:
    /.htaccess – this parent htaccess file higher up in your folder structure hierarchy has code in it that is causing the Login page 403 error.
    /example-website-folder/ – this child folder has the rules from the parent htaccess file above applied to it because htaccess files are hierarchical/recursive.

    htaccess hierarchy, structure, relationship reference:  http://forum.ait-pro.com/forums/topic/htaccess-files-for-multiple-website-domains/
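
One way to check the parent-htaccess possibility without guessing is to walk from the site root up through every ancestor directory and list each .htaccess together with the lines that could answer 403. The script below is an added example, not code from this thread or from BPS. The directive patterns it flags (anything naming wp-login, a RewriteRule flag block containing F, RedirectMatch 403, Deny from all, Require all denied) are my own choice, the demo directory tree and its two .htaccess files are constructed, and the stop directory only exists so the demo does not scan the real filesystem above the temporary tree.

```python
import re
import tempfile
from pathlib import Path

# Added example, not BPS code: Apache applies every parent directory's
# .htaccess to its children, so a 403 on wp-login.php can come from a file
# above the WordPress root. Walk upward and report what each one contains.

# Directives that typically answer 403 when they match a login request.
# This pattern set is the example's own choice, not an exhaustive list.
SUSPECT = re.compile(
    r"wp-login"                     # anything that names the login page
    r"|\[[^\]]*\bF\b[^\]]*\]"       # a RewriteRule flag block containing F
    r"|RedirectMatch\s+403"
    r"|Deny from all|Require all denied",
    re.IGNORECASE,
)


def ancestor_htaccess(docroot, stop=None):
    """Return [(path, [(lineno, line), ...]), ...] for each .htaccess from
    docroot upward, nearest first. The inner list holds the non-comment
    lines matching SUSPECT; a file is listed even with no hits so the whole
    chain is visible. Walking stops after 'stop' (inclusive) or at '/'."""
    docroot = Path(docroot).resolve()
    stop = Path(stop).resolve() if stop else None
    findings = []
    for directory in [docroot, *docroot.parents]:
        candidate = directory / ".htaccess"
        if candidate.is_file():
            hits = [
                (n, line)
                for n, line in enumerate(
                    candidate.read_text(errors="replace").splitlines(), 1)
                if not line.lstrip().startswith("#") and SUSPECT.search(line)
            ]
            findings.append((str(candidate), hits))
        if stop is not None and directory == stop:
            break
    return findings


# Constructed files for the demo tree (not taken from any real host).
PARENT_HTACCESS = r"""# constructed example: a forbid rule left one level above the site root
RewriteEngine On
RewriteCond %{REQUEST_URI} wp-login\.php [NC]
RewriteRule .* - [F,L]
"""
ROOT_HTACCESS = r"""# constructed example: a plain WordPress root .htaccess
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
"""


def build_demo_tree():
    """Create <tmp>/home/user/.htaccess and <tmp>/home/user/public_html/.htaccess."""
    base = Path(tempfile.mkdtemp(prefix="htaccess-demo-"))
    home = base / "home" / "user"
    docroot = home / "public_html"
    docroot.mkdir(parents=True)
    (home / ".htaccess").write_text(PARENT_HTACCESS)
    (docroot / ".htaccess").write_text(ROOT_HTACCESS)
    return base, docroot


def demo():
    """Scan the constructed tree; only the parent file should have hits."""
    base, docroot = build_demo_tree()
    return ancestor_htaccess(docroot, stop=base)


if __name__ == "__main__":
    for path, hits in demo():
        print(path, "(no suspect lines)" if not hits else "")
        for lineno, line in hits:
            print(f"  {lineno}: {line}")
```

Run it against a real host as `ancestor_htaccess("/home/user/public_html")` with no stop directory; the site's own .htaccess comes first, and any parent file that shows a hit is the one to read before contacting the host.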

    #30445
    Scott
    Participant

    Thanks. I need to correct myself though. Shortly after posting step 4, I re-tried it and was able to log in with the default htaccess file and the bps pro plugin removed.

    But now, after I reactivated BPS from the admin page, I can see on another browser that attempting to access the /wp-admin/ page redirects to the 403 page. So I’m kind of back to square one (I must’ve performed step 4 incorrectly the first time), except that on one browser at least, I’m able to access the BPS via the admin page. I’ve no idea whether that’s to my advantage or not, but perhaps you can advise better. Same .htaccess file as I pasted in previous post.

    EDIT to add that I updated BPS pro and one other plugin, and the problem persists. I also tried deactivating and activating BPS pro.

    #30446
    AITpro Admin
    Keymaster

    @ Scott – Ok then the BRUTE FORCE LOGIN PAGE PROTECTION htaccess code that blocks by Server Protocol HTTP/1.0 in your root htaccess file is most likely causing the problem.  Do these steps below.

    1. Use FTP and rename the /bulletproof-security/ plugin folder to: /_bulletproof-security/
    2. Use FTP and delete your Root htaccess file.
    3. Login to your website.
    4. Rename the /_bulletproof-security/ plugin folder back to: /bulletproof-security/
    5. Go to BPS Root Custom Code and delete the BRUTE FORCE LOGIN PAGE PROTECTION htaccess code in Custom Code.
    6. Click the Save Root Custom Code button.
    7. Go to the Security Modes page and click the Root Folder BulletProof Mode Activate button.

    You should now be able to login and logout of your site without seeing 403 errors on your login page.

    http://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/

    This code below will block/Forbid a large number of automated Brute Force Login attempts based on Server Protocol HTTP/1.0, which is an outdated Server Protocol used by hackers and spammers on older Proxy software or modified Proxy software for various beneficial reasons to those hackers and spammers. This code has a 95%/5% success/fail ratio, meaning that this code works on 95% of websites/Servers and does not work on 5% of websites/Servers. See the IMPORTANT NOTE below.

    IMPORTANT NOTE:  If you see a 403 error on your login page when trying to login or log out of your website then you cannot use this code on your Server/Website and will need to delete this code to correct the 403 error on login and logout.
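
To see exactly which requests the BRUTE FORCE LOGIN PAGE PROTECTION block quoted earlier in this thread lets through and which it forbids, here is an added Python evaluator of its RewriteCond logic; it is not code from BPS or from anyone in the thread. It assumes standard mod_rewrite semantics (consecutive RewriteConds are ANDed unless flagged [OR], %{REQUEST_URI} carries no query string, %{THE_REQUEST} is the raw request line) and runs over constructed sample requests. The "browser behind an HTTP/1.0 proxy" case is my assumption about why the code fails on some servers, which the thread does not state: a reverse proxy or load balancer that re-issues requests to Apache over HTTP/1.0 makes every login look like the bots this rule targets.

```python
import re

# Offline evaluator for the BRUTE FORCE LOGIN PAGE PROTECTION block.
# Added example, not BPS code. mod_rewrite semantics assumed here:
# consecutive RewriteConds are ANDed unless flagged [OR], so the block means
#   REQUEST_URI matches wp-login.php
#   AND (User-Agent is blank OR THE_REQUEST ends in HTTP/1.0
#        OR SERVER_PROTOCOL ends in HTTP/1.0)
# %{REQUEST_URI} carries no query string; %{THE_REQUEST} is the raw request
# line, e.g. "POST /wp-login.php HTTP/1.0".

LOGIN_URI = re.compile(r"^(/wp-login\.php|.*wp-login\.php.*)$")
BLANK_UA = re.compile(r"^$")
HTTP10 = r"HTTP/1\.0$"  # the pattern the comment in the block intends


def rule_forbids(request_uri, user_agent, the_request, server_protocol,
                 protocol_pattern=HTTP10):
    """Return True when the block would answer 403 ([F]) to this request."""
    if not LOGIN_URI.search(request_uri):
        return False  # first RewriteCond has no [OR], so it must hold
    proto = re.compile(protocol_pattern)
    return bool(BLANK_UA.search(user_agent)
                or proto.search(the_request)
                or proto.search(server_protocol))


BROWSER_UA = "Mozilla/5.0 (X11; Linux x86_64) Firefox/115.0"

# Constructed sample requests (not captured traffic):
# name -> (REQUEST_URI, HTTP_USER_AGENT, THE_REQUEST, SERVER_PROTOCOL)
SAMPLES = {
    # what the rule is meant to stop: a proxied bot with no User-Agent
    "bot_http10_blank_ua": ("/wp-login.php", "",
                            "POST /wp-login.php HTTP/1.0", "HTTP/1.0"),
    # a normal browser talking straight to Apache
    "browser_http11": ("/wp-login.php", BROWSER_UA,
                       "POST /wp-login.php HTTP/1.1", "HTTP/1.1"),
    # assumed failure mode: a reverse proxy or load balancer in front of
    # Apache re-issues the browser's request over HTTP/1.0, so every login
    # is forbidden (one explanation for the "5% of servers" in the thread)
    "browser_behind_http10_proxy": ("/wp-login.php", BROWSER_UA,
                                    "POST /wp-login.php HTTP/1.0", "HTTP/1.0"),
    # blank UA on a non-login URL is untouched by this block
    "homepage_blank_ua_http10": ("/", "", "GET / HTTP/1.0", "HTTP/1.0"),
}


def evaluate(samples=SAMPLES, protocol_pattern=HTTP10):
    """Map each sample name to True (403) or False (passes this block)."""
    return {name: rule_forbids(*req, protocol_pattern=protocol_pattern)
            for name, req in samples.items()}


if __name__ == "__main__":
    for name, forbidden in evaluate().items():
        print(f"{name:30} {'403 Forbidden' if forbidden else 'allowed'}")
    # If the protocol pattern is mistyped as HTTP/1\.1$, the rule forbids
    # every modern browser rather than only HTTP/1.0 clients.
    print("mistyped HTTP/1\\.1$ forbids a normal browser:",
          evaluate(protocol_pattern=r"HTTP/1\.1$")["browser_http11"])
```

To check a live site the same way, request the login page over HTTP/1.0 with an empty User-Agent (`curl -s -o /dev/null -w '%{http_code}' --http1.0 -A '' https://example.com/wp-login.php`, expecting 403 where the rule is active; example.com stands for your own host) and then again as a browser would (`curl -s -o /dev/null -w '%{http_code}' -A 'Mozilla/5.0' https://example.com/wp-login.php`, expecting 200). Keep the browser-like User-Agent on the second request, because the BPS query string exploit rules quoted above also forbid the `curl` User-Agent, which would produce a 403 for an unrelated reason. If the second request still returns 403 and nothing else filters wp-login.php, something between the client and Apache is downgrading the protocol and the advice above to remove the code applies.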

    #30449
    Scott
    Participant

    That did indeed work, thank you. Took a bit of wrangling due to confusion between locked and unlocked files (I kept deleting, both in custom area and in file itself and the code kept reappearing).

    For what it’s worth, you might want to consider either automatically deleting that custom code when free users turn pro users if there’s an inherent conflict between that code and the pro version. I mean, that custom code represented an attempt to fix a problem while I was a free user that BPS pro renders redundant and conflicting (unless I have that all wrong); or at least informing free users turning pro that they should delete that code. I imagine that like me many free users became pro because of brute force attacks locking them out, so I might not be the only person encountering this. But then again, it took a week for this problem to emerge, so I don’t really know. But thanks again.
