Interference from NextGen gallery

Home Forums BulletProof Security Free Interference from NextGen gallery

This topic contains 1 reply, has 2 voices, and was last updated by  AITpro Admin 5 years, 4 months ago.

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
  • #323

    The latest version of NextGen Gallery (v1.9.7) requires one of its occasional “database updates” after the plugin is upgraded. Unfortunately, this is breaking my BPS protection since, after the database is allowed to do its update, BPS (v47.5) says:

    “The htaccess file that is activated in your root folder is:BULLETPROOF .47.5 >>>>>>> SECURE .HTACCESSEither a BPS htaccess file was NOT found in your root folder or you have not activated BulletProof Mode for your Root folder yet

    After some investigation, I have discovered that this is because just one of my .htaccess files (the root one) is being altered by NextGen (deleting most of the BPS additions, in fact). Is this a known issue? I have copies of the .htaccess file before and after, if it helps. To restore my full BPS protection, do I just need to click on “activate BulletProof Mode” in the section called “Activate Website Root Folder .htaccess Security Mode”?

    P.S. When I tried to submit this form on the old comment page (before noticing that you have this new forum), it refused to send – saying “ERROR: please enter a valid email address”. But it is valid!

    P.P.S. Why does this editor keep losing many of my newlines?


    AITpro Admin

    To answer you last questions first.

    I am testing a Prototype Anti-Comment Spam plugin on the AITpro Blog site.  I will look in the Anti-Comment Spam Logs to see why your comment was blocked.

    Not sure how you are entering your newlines / line breaks? I think hitting Shift-Enter on your keyboard would work fine to create line breaks.  When trying to post code and retain the line breaks you need to enclose the code in either pre or code tags

    Sounds like the Nextgen Gallery plugin is using the WordPress flush_rewrite_rules() function incorrectly.  This is a very common mistake that I see in 100’s of plugins.


    BulletProof Security Alert will not go away – “BPS Alert! Your site does not appear to be protected by BulletProof Security”

    This issue/problem can be caused by the Broken cPanel HotLink Protection Tool problem or if another plugin is using the WordPress function – flush_rewrite_rules() incorrectly or also if your Server API type is DSO (see DSO help information below). You can check/find your Server API type on the BPS System Info Tab page.

    Try refreshing your Browser first to see if the BPS alerts go away. These alerts could be left over from the previous check / last function check.

    Important Note: The Lock Root .htaccess file button not only locks the root .htaccess file for protection, but this also protects BPS / your website from plugins that are using the WordPress function – flush_rewrite_rules() incorrectly. This particular WordPress function is very misunderstood and is used incorrectly in a lot of plugins and of course causes a lot of problems for other plugins that create or write .htaccess code such as BPS, BPS Pro, W3 Total Cache, WP Super Cache, etc etc etc. The WordPress flush_rewrite_rules() function should ONLY be used in plugin deactivation and plugin activation functions, but since this WordPress function is very misunderstood it is used outside of the intended purpose for that function, which of course breaks other plugins that write or create .htaccess files or code.

    Eliminating the possibility of a plugin conflict (flush_rewrite_rules() function used incorrectly):

    1. Deactivate all of your plugins except for BPS.
    2. Activate BulletProof Modes again.
    3. Refresh your Browser.

    If the problem is still occurring at this point then it is not being caused by another plugin using the WordPress flush_rewrite_rules() function incorrectly.

    If the problem is not occurring then be sure to lock your root .htaccess file before activating your plugins again or the same problem will occur again and your root .htaccess file code will be wiped out again by the WordPress flush_rewrite_rules() function in whatever plugin that is not using this function correctly

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.