An htaccess file has been detected in the wp-content folder that breaks BPS features and functionality

Home Forums BulletProof Security Pro An htaccess file has been detected in the wp-content folder that breaks BPS features and functionality

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #40664
    AITpro Admin
    Keymaster

    Email Question:

    Hi, I just bought BPS Pro and set it up on a website. Initially, I wasn’t sure how to set it up, so I installed the free version (thinking there was going to be a way to upgrade it). Once I remembered that I already downloaded the Pro version and just needed to upload it, I immediately did a complete uninstallation of the free version of the plugin. I don’t know if that’s relevant, but after subsequently setting up Bulletproof Pro, I now get an error message that says:

    “An htaccess file has been detected in the wp-content folder that breaks BPS features and functionality If you have or had the Sucuri, Defender or iThemes Security plugins installed, they create a wp-content htaccess file that breaks several things in BPS Pro and other plugins as well.
    To fix the Sucuri problem go to the Sucuri Settings page, click the Hardening tab and click the Revert Hardening button for the Block PHP Files in WP-CONTENT Directory option setting.
    To fix the Defender Security problem go to the Security Tweaks page, click the PHP Execution option setting and click the Revert button.
    o fix the iThemes problem go to the System Tweaks page, uncheck the Disable PHP in Plugins option setting.
    To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the S-Monitor page.”

    I’ve never had any of those plugins installed. So, I’m not sure what I’m supposed to do in order to fix whatever problem there is. When I ran the pre-setup wizard and the setup wizard, all the text was green. Please let me know how to fix whatever issues there are with my .htaccess file. I need to make sure BPS Pro isn’t broken.

    Thanks,
    Connor

    PS – I was also getting a notification that said that my activation code was invalid (or something to that effect), but I could dismiss it if I was seeing the pre-setup and setup wizard buttons (which I am). So, I assume that’s nothing to be concerned about, right? Will BPS Pro still be fully functional and do everything it’s supposed to?

    #40666
    AITpro Admin
    Keymaster

    Answer:

    Hi Connor,

    There are probably some other plugins that create a /wp-content/.htaccess file that blocks/breaks php execution in the /wp-content/ folder and all subfolders. Use FTP or your web host control panel file manager, open the wp-content .htaccess file and send me the code in that file.

    If you successfully ran the Pre-Installation Wizard and Setup Wizard then yep BPS Pro is successfully installed, setup and fully functional.

    Thanks

    Update:

    The SiteGround Security plugin has added/created the /wp-content/.htaccess file. To remove the /wp-content/.htaccess file go to > SG Security > Site Security > Lock and Protect System Folders > Change the Toggle to Off.

    # SGS Directory Hardening
    <FilesMatch "\.(?i:php)$”>
    <IfModule !mod_authz_core.c>
    Order allow,deny
    Deny from all
    </IfModule>
    <IfModule mod_authz_core.c>
    Require all denied
    </IfModule>
    </FilesMatch>
    

    Additionally the SG Security plugin creates this htaccess code below at the top of the root htaccess file. Do the steps below to add the SG Security htaccess code to BPS Custom Code.

    1. Copy the SG Optimizer htaccess code below into this BPS Root Custom Code text box: 1. CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE.
    2. Click the Save Root Custom Code button.
    3. Go to the Security Modes page and click the Root Folder BulletProof Mode Activate button.

    # SGS XMLRPC Disable Service
    <Files xmlrpc.php>
    order deny,allow
    deny from all
    </Files>
    # SGS XMLRPC Disable Service END
    # SGS XSS Header Service
    <IfModule mod_headers.c>
    # SGS XSS
    Header always set X-Content-Type-Options "nosniff"
    Header set X-XSS-Protection "1; mode=block"
    # SGS XSS END
    </IfModule>
    # SGS XSS Header Service END
Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.