WP-Client Web Portal

Home Forums BulletProof Security Free WP-Client Web Portal

This topic contains 4 replies, has 3 voices, and was last updated by  AITpro Admin 6 years, 5 months ago.

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #2335

    Sophia-CSM
    Member

    Hi, My client requires me to use the WP Client Panel plugin. This is a premium plugin so please let me know what you need in order to investigate: http://wp-client.com/ I’ve noticed that the supposed Client Dashboard generated by this plugin for clients to see isn’t showing up when I activated the BPS plugin (URL is …/dashboard). It just redirects to the URL …/wp-admin I tried to deactivate BPS without restoring the default .htaccess files (secured .htaccess are still intact when I checked through cPanel) and the Client Dashboard still shows up fine. I am guessing there must be something during activation that messes up with the WP Client Panel plugin, not the generated secured htaccess files themselves. I also did some troubleshooting regarding the file permissions, nothing affects the plugin’s functionality, just the activation of the BPS plugin. Please help as I really wanted to use this plugin for security. Thanks, Sophia

    #2338

    AITpro Admin
    Keymaster

    I need more information about the issue/problem to be able to troubleshoot this.  

    BPS plugin activation itself only activates the plugin and does not add any security protection until you activate BulletProof Modes.  The only thing I can think of that could possibly be causing some sort of issue would be if there is a jQuery conflict of some kind or if WP-Client plugin is using a duplicate function that is already in BPS.  BPS jQuery and all other scripts are self-contained and load only in BPS plugin pages, but if you have a plugin that is not containing it’s scripts and they load throughout other plugins pages then there could be some sort of conflict.  Usually only BPS is broken because of this coding mistake in other plugins and not the other way around.

    So what I need from you are any errors messages that you see or log entries indicating an error – BPS Security Log, php error log, Server Log, WordPress Debug Log. You can turn on the WordPress Debugger by adding this code in your wp-config.php file.

    /**
    * For developers: WordPress debugging mode.
    *
    * Change this to true to enable the display of notices during development.
    * It is strongly recommended that plugin and theme developers use WP_DEBUG
    * in their development environments.
    */
    define('WP_DEBUG', true);
    define('WP_DEBUG_LOG', true);
    define('WP_DEBUG_DISPLAY', true);
    

     

    #2339

    AITpro Admin
    Keymaster

    Also both the Root and wp-admin BulletProof Modes must be activated in order for BPS to work correctly.  If you activate Root BulletProof Mode then you MUST also activate wp-admin BulletProof Mode.  If the WP-Client uses or creates .htaccess code or files then you would need to combine that .htaccess code using the BPS Custom Code feature to create combined Master .htaccess files and then activate those new combined Master .htaccess files.

    #7294

    John Kumm
    Participant

    I’ve verified that it is possible for WP Client Panel to co-exist happily beside BPS by modifying the BPS secure .htaccess file.

    WP Client Panel generates its own .htaccess file with the following code:

    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteRule ^dashboard/(.*) /wp-content/plugins/client_panel/dashboard.php?$1 [QSA,L]
    RewriteRule ^dashboard /wp-content/plugins/client_panel/dashboard.php [QSA,L]
    RewriteRule ^login/?$ /wp-login.php?dashboard=yes [QSA,L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>

    I included this code into the BPS secure .htaccess file between the code commented as: # WP-ADMIN/INCLUDES and the code sequence commented as: # WP REWRITE LOOP START

    The result has been that it seems that BPS is still able to offer the full level of protection for the site while WP Client Panel can operate as expected.

    #7303

    AITpro Admin
    Keymaster

    Thanks for posting this info.

    Based on your successful results you can add the WP Client .htaccess code to BPS Custom Code
    1. Add your code to Custom Code.
    2. Click the Save Root Custom Code button.
    3. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.
    Note: The IfModule conditional code is not necessary in this case.

    CUSTOM CODE WP REWRITE LOOP START:

    # WP REWRITE LOOP START
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteRule ^dashboard/(.*) /wp-content/plugins/client_panel/dashboard.php?$1 [QSA,L]
    RewriteRule ^dashboard /wp-content/plugins/client_panel/dashboard.php [QSA,L]
    RewriteRule ^login/?$ /wp-login.php?dashboard=yes [QSA,L]
Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.