AutoRestore Exclude paths should not contain wp-content in the exclude path

[James Burden]

Hi – I have a problem on one of my websites where installation and activation appears to have gone smoothly, but somehow I’ve invoked a ARQ FailSafe Procedural Shutdown, and I’m getting the error message:”
Error: Exclude paths should not contain wp-content in the exclude path. wp-content contains wp-content in the exclude path. Delete wp-content from the exclude path and click the Save To DB button again. Click the Blue Read Me help button to see examples of valid exclude paths.”

I’ve checked my Exclude Dynamic Folders tab and I can’t see any references to wp-content being in an exclude path. In the column to the right of ‘Label/Description’ I’ve simply got “plugins, chosen, css, images, js” respectively in the five boxes. I’ve tried saving to DB, Creating Filter and Excluding Folders Now, but it doesn’t change the error message.

What do I need to do to resolve this error?

(Using latest version of WordPress and BPS Pro)

[AITpro Admin]

These are the only exclude rules that you see?  When you scroll down do you see any other excluded folders?  Are chosen, css, images and js folders under your wp-content folder?  Example:  /wp-content/chosen, /wp-content/css, etc

plugins
chosen
css
images
js

[James Burden]

Ok. Feeling like a complete rookie now. Yes of course, the scroll bar. Not sure how I missed that. My head is in my hands.

Yup – I’ve got two columns as follows:

Exclude Plugins Folder  |  plugins
chosen   |  chosen
css   |  css
images   |  chosen
js   |  js
limit-login-attempts   |  limit-login-attempts
wp-content   |  wp-content

So presumably I just delete the entries in that last row then and then hit the three blue buttons?

[AITpro Admin]

The scroll bar thing is clunky and it will probably be changed at some point for exactly this reason.  I assume the Setup Wizard detected files directly under the wp-content folder and this caused the Setup Wizard to add/create/exclude the wp-content folder automatically.  We will create an additional condition that will prevent this from happening in the next BPS Pro release.

Do these folders actually exist under the wp-content folder?  Were they put there temporarily?  Do you see files directly under the /wp-content folder that should not be there?

/wp-content/css/
/wp-content/js/
/wp-content/limit-login-attempts/

[James Burden]

Interesting, no these folders don’t exist:

/wp-content/css/
/wp-content/js/
/wp-content/limit-login-attempts/

The limit-login-attempts folder exists here: /wp-content/mu-plugins/limit-login-attempts
This is a plugin that is automatically installed by my web host WPEngine.

I’ve got css and js folders in both /wp-admin and /wp-includes if that helps? Should I be deleting more than just the wp-content line in the Exclude Dynamic Folders table?

[AITpro Admin]

Yep, delete any AutoRestore exclude rules for folders that do not actually exist under the /wp-content folder and click the 3 exclude rule buttons.  Then re-run the Pre-Installation Wizard and Setup Wizard and check AutoRestore and see if the exclude rules are added again and let me know what happens.  If they are added again then delete them again.

[James Burden]

Ok. I’ve done that now. I deleted all the exclude rules apart from the one that simply says “plugins”, as none of the ones I mentioned above actually existed in /wp-content and then I clicked the three buttons. All seemed fine to that point.

However, when I then re-ran the Pre-installation wizard it then caused exactly the same problem again that I’d detailed in this other problem that I posted about earlier today (http://forum.ait-pro.com/forums/topic/plugin-firewall-problem-2/). Notwithstanding I re-entered the regex code to whitelist the plugin. So whenever I re-run the Pre-Installation wizard it resets the plugin firewall whitelisting rules. That’s a bit a of a pain. And I’ve only got one plugin on this site at the moment. That doesn’t sound right to me…

Additionally when I then re-run the Setup Wizard it resets the exclude rules back to the ones I detailed in #11137 above and returns the same error message about how exclude paths shouldn’t contain wp-content in the exclude path.

What do you advise from here?

[AITpro Admin]

Yep, the Plugin Firewall issue will be dealt with in the next BPS Pro version release, but the AutoRestore exclude rule problem is something that we have not seen before.  This should not be occuring at all so logically this would mean that something is off with paths on this site or something unusual is occurring on this site.  Are you using a minify plugin or doing anything with minifying?  Or maybe some sort or URL hiding or redirection thing?  I would like to login to this site to see what might be causing this problem.  Send an Admin login to this site to edward at ait-pro dot com.  Thanks.

[James Burden]

Nope – not using a minify plugin or URL hiding (as far as I’m aware – unless it’s something that the WPEngine implement outside the environment that I’m seeing). Indeed – I specifically asked WPEngine before I signed up whether their environment supports BPSPro (they have a short black list of plugins that they don’t allow), and they said that they had around 60 users already using BPSPro on the WPEngine environment.

Feel free to have an explore in wp-admin. I’m just sending you a login now.

[AITpro Admin]

Ok logging in now.  Will let you know what I find.  Thanks.

[AITpro Admin]

I see the BPS Custom Permalinks check displayed.

HUD Check: Custom Permalinks are NOT being used.
It is recommended that you use Custom Permalinks: How to setup Custom Permalinks
To Dismiss this Notice click the Dismiss Notice link below.
To Reset Dismiss Notices click the Reset/Recheck Dismiss Notices button on the S-Monitor page.

You are using Default WP permalinks.  Is this intentional for some reason and you do not want to use Custom Permalinks?

http://xxxxx.org/?p=123

[AITpro Admin]

I believe this /nas/wp/www/xxxxx/xxxxx/wp-content/mysql.sql file in the root of the /wp-content folder is responsible for the invalid ARQ exclude rules being created by the Setup Wizard, but will have to reproduce this exact same scenario on a testing website to confirm this 100%.  In any case, what needs to be added to the Setup Wizard is condition to ignore the root /wp-content directory and only look at subfolders in the /wp-content folder.  Or additional coding work would need to be done to create single file exclude rules (sql files may or may not be dynamic, but they are treated as dynamic files because there is an 80% chance they are dynamic vs a 20% chance they are static) for files in the root of /wp-content.  The other folders that were being created were WPEngine folders under /wp-content/mu-plugins/.  I have created an ARQ exclude rule for the /mu-plugins/ folder.  I will include this scenario in my testing.

The Plugin Firewall additional checking condition will look for a directory in that folder path to confirm or deny the rule as being valid or invalid.  Example:  /seedprod-coming-soon-pro/themes/default/bootstrap/js/  would have an additional checking condition for this directory: /wp-content/themes/default/bootstrap/js/.  Obviously this directory does not exist here so the Error will not be displayed.  This check would be done dynamically and not statically using literal paths.

Logged out of the site now.  For now everything is setup correctly, but obviously running the Wizards on this site will cause some issues that will be corrected after I know the exact cause in testing.

 

[James Burden]

Thanks so much for your time and help on this. I really really appreciate it.

There was no reason I hadn’t moved over to custom permalinks. I simply hadn’t got round to it – it’s next on my standard checklist of things to do on a new install but I was distracted by the issues around BPS! I’ve changed them now.

I’m not sure what that mysql.sql file is doing there. It’s not something that I’ve consciously done, and by what you’ve indicated above it doesn’t like its part of a standard install then – otherwise you’d be getting reports of the problem from more people than just me? I’ll ask WPEngine if that’s anything to do with their platform setup.

In the last two hours I’ve had eight notifications of a file being quarantined on this site. Apart from the time stamp they’re all identical to this one:
>>>>>>>>>>>> Root File AutoRestore Logged – November 13, 2013 – 11:45 pm <<<<<<<<<<<
Quarantined File: Root .htaccess file renamed to auto_.htaccess
Quarantine Folder: /nas/wp/www/cluster-1754/familyimp/wp-content/bps-backup/quarantine/
AutoRestored File: /nas/wp/www/cluster-1754/familyimp/.htaccess
Quarantined From/Restore Path: /nas/wp/www/cluster-1754/familyimp/.htaccess</p>

Is that a result of the changes of you’ve made in wp-admin? Is it anything I should act on? Should I restore this file?

There is also a notification of a PHP Error. The log is showing multiple instances of permissions being denied in functions.php, and no such file referenced in quarantine.php. Your login details are still active if you need to take a more detailed look at the log. But again, just wanting to check whether that is a result of changes you’ve made and whether there’s anything I need to worry about with that.

Thanks again for all your help.
James

[AITpro Admin]

This is a first for this particular problem, but it points out some things that need to be changed so that it is a good thing.  I was doing several things when checking and testing your site and I believe the root .htaccess file was quarantined several times during that testing.  The php errors are also related to what I was testing.  You should not be seeing any new errors and everything should be fine at this point / nothing needs to be done.

[James Burden]

I’ve had another 80 notifications overnight of the auto.htaccess file being quarantined. And one notification about that mysql.sql file being quarantined. Is there a way for me to prevent that file being continually quarantined?

[Author]

Posts