403 error after trying to restore quarantined file


  • #39161
    UPR
    Participant

    Hi guys,
    Getting a 403 error after trying to restore my .htaccess file out of quarantine (changed PHP settings on server).
    Never happened before; worked fine all the time.

    Any advice please how to deal with this?

    Thank you!

    Sash

    #39165
    AITpro Admin
    Keymaster

    Download a copy of your root htaccess file and post it in your forum reply so I can take a look at it. Sounds like you probably have a missing or incorrect php.ini/php handler htaccess code in your root htaccess file.

    If your website is currently not loading then do these steps to get your site back up.

    1. Delete your root htaccess file.
    2. Use FTP and rename the /bulletproof-security/ plugin folder to /_bulletproof-security/.
    3. Login to your website, go to the WordPress Plugins page and click the Must-Use link at the top of the Plugins page. If AutoRestore is turned Off you will see – “AutoRestore is turned Off” in green font under the BPS Pro MU Tools must-use plugin. Stop here and go to Step 4. If AutoRestore is not turned Off then click the “Turn Off AutoRestore” link. Stop here and go to Step #4. If you do not see either “AutoRestore is turned Off” in green font or the “Turn Off AutoRestore” link then you have an older version of BPS Pro installed and will need to delete the /_bulletproof-security/ plugin folder using FTP or your web host control panel file manager and install the most current version of BPS Pro. See this forum topic for how to upgrade BPS Pro > https://forum.ait-pro.com/forums/topic/bulletproof-security-pro-bps-pro-upgrade-installation-methods/. Important Note: You will not lose any of your BPS Pro plugin settings when you delete the /_bulletproof-security/ plugin folder since all plugin settings are saved in your WordPress Database.
    4. Rename the /_bulletproof-security/ plugin folder back to /bulletproof-security/.
    5. Do not activate Root folder BulletProof Mode or turn AutoRestore back on until I’ve had a chance to look at your root htaccess file code.

    #39167
    UPR
    Participant

    Thanks for looking into it. The site is currently working, but obviously have this .htaccess stuck in quarantine:

    #   BULLETPROOF PRO 14.6 SECURE .HTACCESS          
    
    # CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE
    # PHP/php.ini handler htaccess code
    AddHandler application/x-httpd-ea-php74 .php .php7 .phtml
    # BEGIN WP Rocket v3.6.3
    # Use UTF-8 encoding for anything served text/plain or text/html
    AddDefaultCharset UTF-8
    # Force UTF-8 for a number of file formats
    <IfModule mod_mime.c>
    AddCharset UTF-8 .atom .css .js .json .rss .vtt .xml
    </IfModule>
    # FileETag None is not enough for every server.
    <IfModule mod_headers.c>
    Header unset ETag
    </IfModule>
    # Since we’re sending far-future expires, we don’t need ETags for static content.
    # developer.yahoo.com/performance/rules.html#etags
    FileETag None
    <IfModule mod_alias.c>
    <FilesMatch "\.(html|htm|rtf|rtx|txt|xsd|xsl|xml)$">
    <IfModule mod_headers.c>
    Header set X-Powered-By "WP Rocket/3.6.3"
    Header unset Pragma
    Header append Cache-Control "public"
    Header unset Last-Modified
    </IfModule>
    </FilesMatch>
    <FilesMatch "\.(css|htc|js|asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|json|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|wav|wma|wri|xla|xls|xlsx|xlt|xlw|zip)$">
    <IfModule mod_headers.c>
    Header unset Pragma
    Header append Cache-Control "public"
    </IfModule>
    </FilesMatch>
    </IfModule>
    # Expires headers (for better cache control)
    <IfModule mod_expires.c>
    	ExpiresActive on
    	ExpiresDefault                              "access plus 1 month"
    	# cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5)
    	ExpiresByType text/cache-manifest           "access plus 0 seconds"
    	# Your document html
    	ExpiresByType text/html                     "access plus 0 seconds"
    	# Data
    	ExpiresByType text/xml                      "access plus 0 seconds"
    	ExpiresByType application/xml               "access plus 0 seconds"
    	ExpiresByType application/json              "access plus 0 seconds"
    	# Feed
    	ExpiresByType application/rss+xml           "access plus 1 hour"
    	ExpiresByType application/atom+xml          "access plus 1 hour"
    	# Favicon (cannot be renamed)
    	ExpiresByType image/x-icon                  "access plus 1 week"
    	# Media: images, video, audio
    	ExpiresByType image/gif                     "access plus 4 months"
    	ExpiresByType image/png                     "access plus 4 months"
    	ExpiresByType image/jpeg                    "access plus 4 months"
    	ExpiresByType image/webp                    "access plus 4 months"
    	ExpiresByType video/ogg                     "access plus 1 month"
    	ExpiresByType audio/ogg                     "access plus 1 month"
    	ExpiresByType video/mp4                     "access plus 1 month"
    	ExpiresByType video/webm                    "access plus 1 month"
    	# HTC files  (css3pie)
    	ExpiresByType text/x-component              "access plus 1 month"
    	# Webfonts
    	ExpiresByType font/ttf                      "access plus 4 months"
    	ExpiresByType font/otf                      "access plus 4 months"
    	ExpiresByType font/woff                     "access plus 4 months"
    	ExpiresByType font/woff2                    "access plus 4 months"
    	ExpiresByType image/svg+xml                 "access plus 1 month"
    	ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
    	# CSS and JavaScript
    	ExpiresByType text/css                      "access plus 1 year"
    	ExpiresByType application/javascript        "access plus 1 year"
    </IfModule>
    # Gzip compression
    <IfModule mod_deflate.c>
    # Active compression
    SetOutputFilter DEFLATE
    # Force deflate for mangled headers
    <IfModule mod_setenvif.c>
    <IfModule mod_headers.c>
    SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
    RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
    # Don’t compress images and other uncompressible content
    SetEnvIfNoCase Request_URI \
    \.(?:gif|jpe?g|png|rar|zip|exe|flv|mov|wma|mp3|avi|swf|mp?g|mp4|webm|webp|pdf)$ no-gzip dont-vary
    </IfModule>
    </IfModule>
    # Compress all output labeled with one of the following MIME-types
    <IfModule mod_filter.c>
    AddOutputFilterByType DEFLATE application/atom+xml \
    		                          application/javascript \
    		                          application/json \
    		                          application/rss+xml \
    		                          application/vnd.ms-fontobject \
    		                          application/x-font-ttf \
    		                          application/xhtml+xml \
    		                          application/xml \
    		                          font/opentype \
    		                          image/svg+xml \
    		                          image/x-icon \
    		                          text/css \
    		                          text/html \
    		                          text/plain \
    		                          text/x-component \
    		                          text/xml
    </IfModule>
    <IfModule mod_headers.c>
    Header append Vary: Accept-Encoding
    </IfModule>
    </IfModule>
    # END WP Rocket
    
    # TURN OFF YOUR SERVER SIGNATURE
    # Suppresses the footer line server version number and ServerName of the serving virtual host
    ServerSignature Off
    
    # DO NOT SHOW DIRECTORY LISTING
    # Disallow mod_autoindex from displaying a directory listing
    # If a 500 Internal Server Error occurs when activating Root BulletProof Mode 
    # copy the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code 
    # and paste it into BPS Custom Code and comment out Options -Indexes 
    # by adding a # sign in front of it.
    # Example: #Options -Indexes
    Options -Indexes
    
    # DIRECTORY INDEX FORCE INDEX.PHP
    # Use index.php as default directory index file. index.html will be ignored.
    # If a 500 Internal Server Error occurs when activating Root BulletProof Mode 
    # copy the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code 
    # and paste it into BPS Custom Code and comment out DirectoryIndex 
    # by adding a # sign in front of it.
    # Example: #DirectoryIndex index.php index.html /index.php
    DirectoryIndex index.php index.html /index.php
    
    # BRUTE FORCE LOGIN PAGE PROTECTION
    # PLACEHOLDER ONLY
    # Use BPS Custom Code to add Brute Force Login protection code and to save it permanently.
    # See this link: https://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/
    # for more information.
    
    # BPS PRO ERROR LOGGING AND TRACKING
    # Use BPS Custom Code to modify/edit/change this code and to save it permanently.
    # BPS Pro has premade 400 Bad Request, 403 Forbidden, 404 Not Found, 405 Method Not Allowed and 
    # 410 Gone template logging files that are used to track and log 400, 403, 404, 405 and 410 errors 
    # that occur on your website. When a hacker attempts to hack your website the hackers IP address, 
    # Host name, Request Method, Referering link, the file name or requested resource, the user agent 
    # of the hacker and the query string used in the hack attempt are logged.
    # All BPS Pro log files are htaccess protected so that only you can view them. 
    # The 400.php, 403.php, 404.php, 405.php and 410.php files are located in /wp-content/plugins/bulletproof-security/
    # The 400, 403, 405 and 410 Error logging files are already set up and will automatically start logging errors
    # after you install BPS Pro and have activated BulletProof Mode for your Root folder.
    # If you would like to log 404 errors you will need to copy the logging code in the BPS Pro 404.php file
    # to your Theme's 404.php template file. Simple instructions are included in the BPS Pro 404.php file.
    # You can open the BPS Pro 404.php file using the WP Plugins Editor or by using the BPS Pro File Manager.
    # NOTE: By default WordPress automatically looks in your Theme's folder for a 404.php Theme template file.
    
    ErrorDocument 400 /wp-content/plugins/bulletproof-security/400.php
    ErrorDocument 401 default
    ErrorDocument 403 /wp-content/plugins/bulletproof-security/403.php
    ErrorDocument 404 /404.php
    ErrorDocument 405 /wp-content/plugins/bulletproof-security/405.php
    ErrorDocument 410 /wp-content/plugins/bulletproof-security/410.php
    
    # DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS
    # Use BPS Custom Code to modify/edit/change this code and to save it permanently.
    # Files and folders starting with a dot: .htaccess, .htpasswd, .errordocs, .logs
    RedirectMatch 403 \.(htaccess|htpasswd|errordocs|logs)$
    
    # WP-ADMIN/INCLUDES
    # Use BPS Custom Code to remove this code permanently.
    RewriteEngine On
    RewriteBase /
    RewriteRule ^wp-admin/includes/ - [F]
    RewriteRule !^wp-includes/ - [S=3]
    RewriteRule ^wp-includes/[^/]+\.php$ - [F]
    RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F]
    RewriteRule ^wp-includes/theme-compat/ - [F]
    
    # WP REWRITE LOOP START
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    
    # REQUEST METHODS FILTERED
    # If you want to allow HEAD Requests use BPS Custom Code and copy 
    # this entire REQUEST METHODS FILTERED section of code to this BPS Custom Code 
    # text box: CUSTOM CODE REQUEST METHODS FILTERED.
    # See the CUSTOM CODE REQUEST METHODS FILTERED help text for additional steps.
    RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]
    RewriteRule ^(.*)$ - [F]
    RewriteCond %{REQUEST_METHOD} ^(HEAD) [NC]
    RewriteRule ^(.*)$ /wp-content/plugins/bulletproof-security/405.php [L]
    
    # PLUGINS/THEMES AND VARIOUS EXPLOIT FILTER SKIP RULES
    # To add plugin/theme skip/bypass rules use BPS Custom Code.
    # The [S] flag is used to skip following rules. Skip rule [S=12] will skip 12 following RewriteRules.
    # The skip rules MUST be in descending consecutive number order: 12, 11, 10, 9...
    # If you delete a skip rule, change the other skip rule numbers accordingly.
    # Examples: If RewriteRule [S=5] is deleted than change [S=6] to [S=5], [S=7] to [S=6], etc.
    # If you add a new skip rule above skip rule 12 it will be skip rule 13: [S=13]
    
    # CUSTOM CODE PLUGIN/THEME SKIP/BYPASS RULES
    # WooCommerce order & wc-ajax= Query String skip/bypass rule
    RewriteCond %{QUERY_STRING} .*(order|wc-ajax=).* [NC]
    RewriteRule . - [S=15]
    
    # WooCommerce shop, cart, checkout & wishlist URI skip/bypass rule
    RewriteCond %{REQUEST_URI} ^.*/(shop|cart|checkout|wishlist).* [NC]
    RewriteRule . - [S=14]
    
    # WP Rocket plugin skip/bypass rule
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/wp-rocket/ [NC]
    RewriteRule . - [S=13]
    
    # Adminer MySQL management tool data populate
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/adminer/ [NC]
    RewriteRule . - [S=12]
    # Comment Spam Pack MU Plugin - CAPTCHA images not displaying 
    RewriteCond %{REQUEST_URI} ^/wp-content/mu-plugins/custom-anti-spam/ [NC]
    RewriteRule . - [S=11]
    # Peters Custom Anti-Spam display CAPTCHA Image
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/peters-custom-anti-spam-image/ [NC] 
    RewriteRule . - [S=10]
    # Status Updater plugin fb connect
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/fb-status-updater/ [NC] 
    RewriteRule . - [S=9]
    # Stream Video Player - Adding FLV Videos Blocked
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/stream-video-player/ [NC]
    RewriteRule . - [S=8]
    # XCloner 404 or 403 error when updating settings
    RewriteCond %{REQUEST_URI} ^/wp-content/plugins/xcloner-backup-and-restore/ [NC]
    RewriteRule . - [S=7]
    # BuddyPress Logout Redirect
    RewriteCond %{QUERY_STRING} action=logout&redirect_to=http%3A%2F%2F(.*) [NC]
    RewriteRule . - [S=6]
    # redirect_to=
    RewriteCond %{QUERY_STRING} redirect_to=(.*) [NC]
    RewriteRule . - [S=5]
    # Login Plugins Password Reset And Redirect 1
    RewriteCond %{QUERY_STRING} action=resetpass&key=(.*) [NC]
    RewriteRule . - [S=4]
    # Login Plugins Password Reset And Redirect 2
    RewriteCond %{QUERY_STRING} action=rp&key=(.*) [NC]
    RewriteRule . - [S=3]
    
    # CUSTOM CODE TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE
    # TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE
    # Use BPS Custom Code to modify/edit/change this code and to save it permanently.
    # Remote File Inclusion (RFI) security rules
    # Note: Only whitelist your additional domains or files if needed - do not whitelist hacker domains or files
    RewriteCond %{QUERY_STRING} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC,OR]
    RewriteCond %{THE_REQUEST} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC]
    RewriteRule .* index.php [F]
    # 
    # Example: Whitelist additional misc files: (example\.php|another-file\.php|phpthumb\.php|thumb\.php|thumbs\.php)
    RewriteCond %{REQUEST_URI} (timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC]
    # Example: Whitelist additional website domains: RewriteCond %{HTTP_REFERER} ^.*(YourWebsite.com|AnotherWebsite.com).*
    RewriteCond %{HTTP_REFERER} ^.*unplugrentals.com.*
    RewriteRule . - [S=1]
    
    # CUSTOM CODE BPSQSE BPS QUERY STRING EXPLOITS
    # BEGIN BPSQSE BPS QUERY STRING EXPLOITS
    # The libwww-perl User Agent is forbidden - Many bad bots use libwww-perl modules, but some good bots use it too.
    # Good sites such as W3C use it for their W3C-LinkChecker. 
    # Use BPS Custom Code to add or remove user agents temporarily or permanently from the 
    # User Agent filters directly below or to modify/edit/change any of the other security code rules below.
    RewriteCond %{HTTP_USER_AGENT} (havij|libwww-perl|wget|python|nikto|curl|scan|winhttp|clshttp|loader) [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|\)|\(|%0A|%0D|%22|%27|%28|%3C|%3E|%00).*(libwww-perl|wget|python|nikto|curl|scan|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR]
    RewriteCond %{THE_REQUEST} (\?|\*|%2a)+(%20+|\\s+|%20+\\s+|\\s+%20+|\\s+%20+\\s+)(http|https)(:/|/) [NC,OR]
    RewriteCond %{THE_REQUEST} etc/passwd [NC,OR]
    RewriteCond %{THE_REQUEST} cgi-bin [NC,OR]
    RewriteCond %{THE_REQUEST} (%0A|%0D|\\r|\\n) [NC,OR]
    RewriteCond %{REQUEST_URI} owssvr\.dll [NC,OR]
    RewriteCond %{HTTP_REFERER} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
    RewriteCond %{HTTP_REFERER} \.opendirviewer\. [NC,OR]
    RewriteCond %{HTTP_REFERER} users\.skynet\.be.* [NC,OR]
    RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(http|https):// [NC,OR]
    RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [NC,OR]
    RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC,OR]
    RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC,OR]
    RewriteCond %{QUERY_STRING} (\.\./|%2e%2e%2f|%2e%2e/|\.\.%2f|%2e\.%2f|%2e\./|\.%2e%2f|\.%2e/) [NC,OR]
    RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
    RewriteCond %{QUERY_STRING} (http|https)\: [NC,OR] 
    RewriteCond %{QUERY_STRING} \=\|w\| [NC,OR]
    RewriteCond %{QUERY_STRING} ^(.*)/self/(.*)$ [NC,OR]
    RewriteCond %{QUERY_STRING} ^(.*)cPath=(http|https)://(.*)$ [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*embed.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C)([^e]*e)+mbed.*(>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*object.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C)([^o]*o)+bject.*(>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|%3C)([^i]*i)+frame.*(>|%3E) [NC,OR] 
    RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
    RewriteCond %{QUERY_STRING} base64_(en|de)code[^(]*\([^)]*\) [NC,OR]
    RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
    RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [OR]
    RewriteCond %{QUERY_STRING} ^.*(\(|\)|<|>|%3c|%3e).* [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(\x00|\x04|\x08|\x0d|\x1b|\x20|\x3c|\x3e|\x7f).* [NC,OR]
    RewriteCond %{QUERY_STRING} (NULL|OUTFILE|LOAD_FILE) [OR]
    RewriteCond %{QUERY_STRING} (\.{1,}/)+(motd|etc|bin) [NC,OR]
    RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR]
    RewriteCond %{QUERY_STRING} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
    RewriteCond %{QUERY_STRING} concat[^\(]*\( [NC,OR]
    RewriteCond %{QUERY_STRING} union([^s]*s)+elect [NC,OR]
    RewriteCond %{QUERY_STRING} union([^a]*a)+ll([^s]*s)+elect [NC,OR]
    RewriteCond %{QUERY_STRING} \-[sdcr].*(allow_url_include|allow_url_fopen|safe_mode|disable_functions|auto_prepend_file) [NC,OR]
    RewriteCond %{QUERY_STRING} (;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|drop|delete|update|cast|create|char|convert|alter|declare|order|script|set|md5|benchmark|encode) [NC,OR]
    RewriteCond %{QUERY_STRING} (sp_executesql) [NC]
    RewriteRule ^(.*)$ - [F]
    # END BPSQSE BPS QUERY STRING EXPLOITS
    
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    # WP REWRITE LOOP END
    
    # DENY BROWSER ACCESS TO THESE FILES 
    # Use BPS Custom Code to modify/edit/change this code and to save it permanently.
    # wp-config.php, bb-config.php, php.ini, php5.ini, readme.html
    # To be able to view these files from a Browser, replace 127.0.0.1 with your actual 
    # current IP address. Comment out: #Require all denied and Uncomment: Require ip 127.0.0.1
    # Comment out: #Deny from all and Uncomment: Allow from 127.0.0.1 
    # Note: The BPS System Info page displays which modules are loaded on your server. 
    
    <FilesMatch "^(wp-config\.php|php\.ini|php5\.ini|readme\.html|bb-config\.php)">
    <IfModule mod_authz_core.c>
    Require all denied
    #Require ip 127.0.0.1
    </IfModule>
    
    <IfModule !mod_authz_core.c>
    <IfModule mod_access_compat.c>
    Order Allow,Deny
    Deny from all
    #Allow from 127.0.0.1
    </IfModule>
    </IfModule>
    </FilesMatch>
    
    # HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE
    # PLACEHOLDER ONLY
    # Use BPS Custom Code to add custom code and save it permanently here.
    
    # BEGIN cPanel-generated php ini directives, do not edit
    # Manual editing of this file may result in unexpected behavior.
    # To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
    # For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
    <IfModule php7_module>
       php_flag display_errors Off
       php_value max_execution_time 30
       php_value max_input_time 60
       php_value max_input_vars 1000
       php_value memory_limit 256M
       php_value post_max_size 8M
       php_value session.gc_maxlifetime 1440
       php_value session.save_path "/var/cpanel/php/sessions/ea-php73"
       php_value upload_max_filesize 8M
       php_flag zlib.output_compression Off
    </IfModule>
    <IfModule lsapi_module>
       php_flag display_errors Off
       php_value max_execution_time 30
       php_value max_input_time 60
       php_value max_input_vars 1000
       php_value memory_limit 256M
       php_value post_max_size 8M
       php_value session.gc_maxlifetime 1440
       php_value session.save_path "/var/cpanel/php/sessions/ea-php73"
       php_value upload_max_filesize 8M
       php_flag zlib.output_compression Off
    </IfModule>
    # END cPanel-generated php ini directives, do not edit
    

    Seems there are a few things missing at the end as well. This is what is normally there:

    # CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE
    # REDIRECT OLD PAGES
    Redirect 301 /jayco-swan-outback/ /vehicles/jayco-swan-outback/
    Redirect 301 /conqueror-uev490-evolution/ /fleet/
    Redirect 301 /vehicles/conqueror-uev-490-evolution/ /fleet/
    # BEGIN rlrssslReallySimpleSSL rsssl_version[3.3.4]
    <IfModule mod_rewrite.c>
        RewriteEngine on
        RewriteCond %{HTTPS} !=on [NC]
        RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/
        RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
    </IfModule>
    # END rlrssslReallySimpleSSL
    
    # php -- BEGIN cPanel-generated handler, do not edit
    # Set the “ea-php74” package as the default “PHP” programming language.
    <IfModule mime_module>
        AddHandler application/x-httpd-ea-php74 .php .php7 .phtml
    </IfModule>
    # php -- END cPanel-generated handler, do not edit
    
    

    Thanks for looking into it.
    Sash

    #39168
    AITpro Admin
    Keymaster

    Instead of restoring the root htaccess file from Quarantine, delete it.  Send me a WordPress Administrator login to your site so I can fix, set up, correct whatever needs to be done in BPS Pro Custom Code/your root htaccess file. You have quite a lot of additional htaccess code in your root htaccess file and it would simply be faster for me to handle this issue vs typing out and explaining all the steps in a forum reply.  Send your site login info to:  info at ait-pro dot com.

    #39171
    UPR
    Participant

    Done, thank you!

    #39174
    AITpro Admin
    Keymaster

    Currently your site is working fine without the code below in your root htaccess.  I’m pretty sure that this code below is causing the 403 error when trying to restore the root htaccess file from Quarantine.  Your host server type is:  litespeed CGI Host Server Type. The code below is typically used in a DSO and not a CGI server type.  At this point I am hesitant to experiment with testing this because adding the php7 module IfModule section of code will probably cause your website to crash and I don’t have FTP access to your hosting account.  If you want me to test this out then please send me FTP access to your hosting account.  If you want to test this out then start with only including the lsapi module section of code by saving it in this BPS Pro Custom Code text box > 14. CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE, save your Custom Code and then activate Root Folder BulletProof Mode.  If everything is fine at that point then add the  php7 module IfModule section of code and repeat the same process, i.e. add the code to Custom Code, save it and activate Root folder BulletProof Mode.  IMPORTANT!!!  Combine both sections of IfModule code so that there are NO whitespaces/gaps in the sections of code. The reason for that is cPanel will probably see that the code needs to be updated again and the same problem will occur with the Root htaccess file being quarantined again.

    # BEGIN cPanel-generated php ini directives, do not edit
    # Manual editing of this file may result in unexpected behavior.
    # To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
    # For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
    <IfModule php7_module>
       php_flag display_errors Off
       php_value max_execution_time 30
       php_value max_input_time 60
       php_value max_input_vars 1000
       php_value memory_limit 256M
       php_value post_max_size 8M
       php_value session.gc_maxlifetime 1440
       php_value session.save_path "/var/cpanel/php/sessions/ea-php73"
       php_value upload_max_filesize 8M
       php_flag zlib.output_compression Off
    </IfModule>

    This section of code should technically work fine because it is doing a check for the LiteSpeed lsapi module.

    <IfModule lsapi_module>
       php_flag display_errors Off
       php_value max_execution_time 30
       php_value max_input_time 60
       php_value max_input_vars 1000
       php_value memory_limit 256M
       php_value post_max_size 8M
       php_value session.gc_maxlifetime 1440
       php_value session.save_path "/var/cpanel/php/sessions/ea-php73"
       php_value upload_max_filesize 8M
       php_flag zlib.output_compression Off
    </IfModule>
    # END cPanel-generated php ini directives, do not edit

    #39175
    AITpro Admin
    Keymaster

    And probably you only need the IfModule lsapi_module section of code anyway since your server type is LiteSpeed CGI, but the automated cPanel updater may try to update that code again.  If that is the case then you could just use the IfModule lsapi_module section of code and then if the same file quarantine problem with the root htaccess file occurs again then you would just delete the root htaccess file instead of trying to restore it from Quarantine.

    I locked your root htaccess file and turned on AutoLock, but my guess would be that cPanel would just simply override the lock and update your root htaccess file anyway.
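
An added example, not part of the thread and not BPS Pro code: one way to see which plugin- or cPanel-managed blocks differ between a known-good root .htaccess and the copy held in Quarantine, using the `# BEGIN` / `# END` marker comments visible in the files posted above. The function names and the shortened sample files are constructed for illustration.

```python
import re

# Marker comments in the forms seen in the thread, e.g.
#   "# BEGIN WP Rocket v3.6.3" ... "# END WP Rocket"
#   "# php -- BEGIN cPanel-generated handler, do not edit"
MARKER = re.compile(r"^\s*#\s*(?:php\s+--\s+)?(BEGIN|END)\s+(.+?)\s*$")
IFMODULE = re.compile(r"^<IfModule\s+(!?[\w.]+)>", re.I)

def managed_blocks(text):
    """Map each BEGIN/END block to its directive lines (comments dropped).

    Blocks are keyed by the END label, which stays stable when the BEGIN
    line carries a version ("WP Rocket v3.6.3" closes with "WP Rocket").
    """
    blocks, begin, body = {}, None, []
    for raw in text.splitlines():
        line = raw.strip()
        m = MARKER.match(line)
        if m and m.group(1) == "BEGIN" and begin is None:
            begin, body = m.group(2), []
        elif (m and m.group(1) == "END" and begin is not None
              and begin.startswith(m.group(2))):
            blocks[m.group(2)] = body
            begin = None
        elif begin is not None and line and not line.startswith("#"):
            body.append(re.sub(r"\s+", " ", line))  # ignore indentation changes
    if begin is not None:  # file was cut off inside a block
        blocks[begin + " (no END marker)"] = body
    return blocks

def ifmodule_guards(body):
    """Module names a block is conditional on (php7_module, lsapi_module, ...)."""
    return sorted({m.group(1) for l in body if (m := IFMODULE.match(l))})

def compare(expected_text, quarantined_text):
    exp = managed_blocks(expected_text)
    got = managed_blocks(quarantined_text)
    return {
        "added": {k: ifmodule_guards(got[k]) for k in got if k not in exp},
        "removed": sorted(k for k in exp if k not in got),
        "changed": sorted(k for k in exp if k in got and exp[k] != got[k]),
    }

# Constructed sample input, shortened from the files posted in the thread.
EXPECTED = """\
# BEGIN WP Rocket v3.6.3
AddDefaultCharset UTF-8
FileETag None
# END WP Rocket
# BEGIN rlrssslReallySimpleSSL rsssl_version[3.3.4]
<IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteCond %{HTTPS} !=on [NC]
    RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
</IfModule>
# END rlrssslReallySimpleSSL
# php -- BEGIN cPanel-generated handler, do not edit
<IfModule mime_module>
    AddHandler application/x-httpd-ea-php74 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
"""

QUARANTINED = """\
# BEGIN WP Rocket v3.6.3
AddDefaultCharset UTF-8
FileETag None
# END WP Rocket
# BEGIN cPanel-generated php ini directives, do not edit
<IfModule php7_module>
   php_value memory_limit 256M
</IfModule>
<IfModule lsapi_module>
   php_value memory_limit 256M
</IfModule>
# END cPanel-generated php ini directives, do not edit
"""

if __name__ == "__main__":
    for kind, items in compare(EXPECTED, QUARANTINED).items():
        print(kind, items)
```

Blocks reported as "added" are the ones written outside the plugin (here the cPanel php ini directives), and the listed IfModule guards show whether they target `php7_module`, `lsapi_module` or both before anything is copied into Custom Code.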
