Installation Question: BPS has detected that htaccess files cannot be used on your website/server.

Home Forums BulletProof Security Pro Installation Question: BPS has detected that htaccess files cannot be used on your website/server.

Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
    Posts
  • #40003
    Mark Silen
    Participant

    Hi.  I got the message: BPS has detected that htaccess files cannot be used on your website/server.

    For a platform plugin critical to my site, the following was set up a few days ago: “AllowOverride should be set to All in folders where .htaccess is located.”  This was enabled in the Apache configuration.

    <Directory /var/www/> 
    Options Indexes 
    FollowSymLinks 
    AllowOverride All 
    Require all granted 
    </Directory>

    My host tells me that this configuration “wouldn’t block access”.

    Should I follow this: It is possible that BPS has incorrectly detected that your website/server cannot use htaccess files.  If you are sure your website/server can use htaccess files then go to the Setup Wizard Options tab page and change the Enable|Disable htaccess Files option setting to:  htaccess Files Enabled and click the Enable|Disable button.  You can then run the Wizards and all BPS htaccess features and files will be created and enabled.  Please post a reply in this forum topic with your BPS System Info page information below posted in your forum reply so we can find out why BPS incorrectly detected that your website/server cannot use htaccess files.

    Thanx !!!!!

    Mark

    #40004
    AITpro Admin
    Keymaster

    Yep, BPS may have incorrectly determined that .htaccess files cannot be used on your website.  Go to the Setup Wizard Options tab page and change the Enable|Disable htaccess Files option setting to: htaccess Files Enabled and click the Enable|Disable button.  Then run the Wizards. Let me know if any problems occur after enabling htaccess files and running the Wizards.

    #40011
    Mark Silen
    Participant

    Worked like a charm !!!!!!!

    Thanx !!!!!!!

    Mark

    #40013
    AITpro Admin
    Keymaster

    Great!  Thanks for confirming that.  I think there might be a new issue somewhere with the changes I made to Apache Modules|Directives tests code in BPS Pro 15.1.  Probably just a simple conditional check somewhere needs to be fixed.  I’ve had a couple of other people run into this same issue since BPS Pro 15.1 was released.  If there is a bug in the Apache Modules|Directives tests code then I’ll fix that in the next BPS Pro release.

    https://www.ait-pro.com/aitpro-blog/5671/bulletproof-security-pro/whats-new-in-bulletproof-security-pro-15-1/

    • Procedural Update: Apache Modules|Directives tests: New condition added for mod_access_compat tests. All htaccess testing code is now wrapped in IfModule conditional code. The View Visual Test link and page has been removed from the BPS System Info page.

    #40015
    AITpro Admin
    Keymaster

    I found the bug.  Yep, accidentally reversed a particular conditional check in the Apache Modules|Directives tests code in BPS Pro 15.1.  This will be fixed in BPS Pro 15.3.

    #40016
    Mark Silen
    Participant

    You rock !!!!!!!

    Mark

    #40017
    AITpro Admin
    Keymaster

    Well as it turns out there is not a bug in the BPS Apache Modules|Directives tests code.  I’m not really sure why this issue has occurred for a few people.  Do me a favor and go to the BPS Pro > Logs & Info menu > System Info page > copy the Apache Modules|Directives|Backward Compatibility(Yes|No)|IfModule(Yes|No) section of test results (example below) and paste the test results in your forum reply.

    Apache Modules|Directives|Backward Compatibility(Yes|No)|IfModule(Yes|No):
    200: mod_access_compat is not Loaded|IfModule: Yes
    403: mod_authz_core is Loaded|Order, Allow, Deny directives are not supported|BC: No|IfModule: Yes
    403: mod_authz_host is Loaded|Order, Allow, Deny directives are not supported|BC: No|IfModule: Yes
    200: mod_rewrite Module is Loaded|IfModule: Yes
    403: mod_security2 Module is Loaded|Enabled|IfModule: Yes

    #40018
    Mark Silen
    Participant

    Here you go……..

    Apache Modules|Directives|Backward Compatibility(Yes|No)|IfModule(Yes|No):
    403: mod_access_compat is Loaded|Order, Allow, Deny directives are supported|IfModule: Yes
    403: mod_authz_core is Loaded|Order, Allow, Deny directives are supported|BC: Yes|IfModule: Yes
    403: mod_authz_host is Loaded|Order, Allow, Deny directives are supported|BC: Yes|IfModule: Yes
    200: mod_rewrite Module is Loaded|IfModule: Yes
    403: mod_security2 Module is Loaded|Enabled|IfModule: Yes

    Mark

    #40019
    AITpro Admin
    Keymaster

    The Apache Modules|Directives test results look normal.  I guess this will remain a mystery for now. 😉

Viewing 9 posts - 1 through 9 (of 9 total)
  • You must be logged in to reply to this topic.