Installing W3 Total Cache with BulletProof Security Pro

[AITpro Admin]

It is a personal recommendation to turn off checking and alerts for the wp-config.php file after unlocking the wp-config.php file. You can of course choose not to do that and relock and turn on checking and alerts for the wp-config.php file after you are done setting up W3TC.

[armintz]

thanks. from step #8 again:

There a few W3TC files that are dynamically updated so they need to have AutoRestore Exclude rules for those files.  These are example paths to these files.  You would of course use your actual website’s path to these files.
/home/xxxxx/public_html/xxxxx/wp-content/object-cache.php
/home/xxxxx/public_html/xxxxx/wp-content/advanced-cache.php
/home/xxxxx/public_html/xxxxx/wp-content/db.php

In Filezilla, i only see advanced-cache.php (no object-cache.php or db.php) in my wp-content folder. Does this mean I simply put my advanced-cache.php file in the bps pro > autorestore > exclude wp-content folders tab?

I have to follow this process on 20 other similar sites (all on same server) so I want to do it right the first time so I can power through the rest.

[AITpro Admin]

If you only see the W3TC advanced-cache.php file then that would probably mean you are not using DB and Object cache in W3TC so you would only need to create a single file exclude rule for the advanced-cache.php file. There are different tools for excluding “folders” and “files” from being checked by AutoRestore.  The Exclude wp-content Folders tab page/tool is for excluding “folders” under the wp-content Folder ONLY.  The Add|Exclude Other Folders & Files allows you to exclude single files like:  advanced-cache.php.  See this AutoRestore|Quarantine Exclude Folders & Files Video Tutorial:  http://forum.ait-pro.com/video-tutorials/#autorestore-quarantine

[armintz]

i’m getting a “____ is not a valid file path.” error when trying to exclude files. I’ve tried this: /homel/hesslawm/public_html/wp-content/advanced-cache.php and this: http://www.hesslawme.com/wp-content/advanced-cache.php

cpanel screenshot of ftp area so you can see directory setup: http://s14.postimg.org/7k88c1jz5/bluehost_directory_for_bulletproof.png
screenshot of bps pro > autorestore > add|exclude other files and folders tab:
http://s14.postimg.org/a2yiqgv35/Screen_Shot_2015_11_30_at_11_05_51_AM.png
What am I doing wrong here?

[AITpro Admin]

Do these steps:
1. Turn On AutoRestore.
2. Allow the advanced-cache.php file to be quarantined.  You can do this by changing your W3TC settings, which should change this file and cause it to be autorestored.
3. Turn Off AutoRestore.
4. Go To Quarantine and restore the advanced-cache.php file from Quarantine.
5. Go to the Quarantine Log tab page and copy the Restore Path: /xxxxx/xxxxx/wp-content/advanced-cache.php
6. Go to the AutoRestore Add|Exclude Other Folders & Files tab page.
7. Use the Exclude Folders & Files tool > select Exclude an Individual File > paste the file path that you copied from your Quarantine Log and click the Exclude button.

[armintz]

2. Allow the advanced-cache.php file to be quarantined.  You can do this by changing your W3TC settings, which should change this file and cause it to be autorestored.
—
What is the process for this? I don’t see any quarantine options in my W3 plugin settings. If you want to move this to email versus the forum, let me know… although I really think that it may be educational for others. You guys make these steps seem really easy, (which they probably are to you, because you know your plugin like the back of your hand), but keep in mind many of us are just average bloggers who have had a site previously hacked or designers who don’t have the budget for a staff to take care of the technical side.

[AITpro Admin]

The only problem here is that either the advanced-cache.php file does not actually exist here:  /xxxx/xxxx/wp-content/advanced-cache.php or you are entering an invalid path to that file.  So you would just need to make sure the file actually really exists and that the path to the file is correct when you are creating the AutoRestore single file exclude rule.  If you would like for me to do this for you then send an Administrator login to this website to email address:  info at ait-pro dot com.

[AITpro Admin]

Steps to solve the issues:

1. Turned Off AutoRestore.
2. Went to F-Lock and unlocked the root htaccess file and wp-config.php file.
2. Deactivated and Activated the W3TC plugin.
3. Went to the B-Core > htaccess File Editor page.
4. Copied your W3TC cache code from the root htaccess file to BPS Custom Code.
Note: I redid these steps even though I already found W3TC htaccess cache code in BPS Custom Code.
5. Did the Root htaccess File Custom Code Setup Steps below.
Root htaccess File Custom Code Setup Steps
– 1. Enter your custom code in the appropriate Root Custom Code text box.
– 2. Click the Save Root Custom Code button to save your Root custom code.
– 3. Go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.
6. Went to F-Lock, locked your root htaccess file and turned off checking and alerts for your wp-config.php file.
7. Used the BPS Pro P-Security > File Editor tool to verify that this file really exists:
/home1/hesslawm/public_html/wp-content/advanced-cache.php
8. Created an AutoRestore single file exclude rule for this file.

Additional things:
Deleted all files in Quarantine since they were related to the W3TC setup, which was redone.
Checked your Security Log and found this Security Log entry.  Cleared your W3TC Cache and the Security Log entry is no longer occurring.

[403 GET|HEAD Request: November 30, 2015 4:24 pm]
Event Code: BFHS - Blocked/Forbidden Hacker or Spammer
Solution: N/A - Hacker/Spammer Blocked/Forbidden
REMOTE_ADDR: 209.222.213.68
Host Name: NatKingCole.mpbn.net
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: http://hesslawme.com/areas-of-practice/
REQUEST_URI: /wp-content/cache/minify/000000/RYtRCoAgEEQvlEoUdJ7QLTbcXdOV8PZZP8L8vDczq_NCBKwmQ4rNEvK0uIpdZxj0YDhBBycpqCg8jIpExfSLub9Zd6_mkExmc8g-1gDFXT13hdzs13zjFw.js
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36

[armintz]

thanks for this. seemed to work fine on another install.

5. Did the Root htaccess File Custom Code Setup Steps below.
– 1. Enter your custom code in the appropriate Root Custom Code text box.

which custom code are you referring to here?

[AITpro Admin]

http://forum.ait-pro.com/forums/topic/installing-w3-total-cache-with-bulletproof-security-pro/#post-412

4. Copy W3TC .htaccess code from your root htaccess file to this BPS Pro Custom Code text box: CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE.

[armintz]

From post #26709 above, is your step #5 the same thing as step #4?

[AITpro Admin]

Yes.  “Did the Root htaccess File Custom Code Setup Steps below.” == “Copy W3TC .htaccess code from your root htaccess file to this BPS Pro Custom Code text box: CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE.” and then the rest of the normal standard Custom Code setup steps anytime you are adding custom code to BPS Custom Code.

[armintz]

okay thanks for confirming and for all your help with getting this to work awesome with W3. Two of the most critical plugins of my installs (speed + security!) are now working together flawlessly.

[armintz]

Had to make some changes to W3 to correct some mobile/caching issues – specifically adding a list of mobile devices in performance > page cache > rejected user agents (“never send cache pages for these user agents”)

After doing so, I am getting the dreaded errors at the top of my dashboard:

W3 Total Cache Error: Files and directories could not be automatically created to complete the installation.
Please execute commands manually View required changes
or use FTP form to allow W3 Total Cache make it automatically.

What’s the proper BPS Pro protocol for making changes to W3 without things going haywire? I tried BPS > security modes> create default htaccess, deactiving root folder option, deactivating wp-admin option, and going to F-Lock and unlocking the root htaccess file and wp-config.php file…

[AITpro Admin]

The W3 Total Cache Error simply means:  W3TC could not do/change/add something because the Root htaccess file is locked.  So if you are making any setting changes in W3TC then you would do a rinse and repeat of the original W3TC setup steps above.

[Author]

Posts