New install, but config.php is still standard wordpress config.php


This topic contains 14 replies, has 2 voices, and was last updated by  Tina Dubinsky 8 months, 4 weeks ago.

  • #34294

    Tina Dubinsky
    Participant

    Hi,

    I’m doing a fresh install (new domain) on my first SSL site (https). I’m using a webhost I used a few years ago where BPS worked fine, but it appears they may have made some changes in the four years I’ve been away.

    I downloaded the latest version.

    Requested new keys.

    Installed and went through the automatic scripts. It said everything was all fine.

    When it came to adding the bonus code, instead of adding it it took me to a page can’t be found error.

    I saw that my php version was not the recommended 7.0, so I updated and did it all again. (it was using 5.3).

    Same problem.

    I went through the ini_set options, made a couple of changes and saved it.

    There are some php.ini options that aren’t at the recommended selection. It seems this host no longer allows shared servers to use a custom php.ini (although I have emailed them to confirm this) which they did previously (certifiedhosting).  I could make a couple of changes to the php.ini using cpanel, but not all the options were available to change.

    I have manually tried to activate RBM and WBM, and I have run through the automatic setup process again.

    When I ftp into the website the config.php is showing the standard wordpress config.php file still, not the BPS pro one.

    I only have one other plugin installed at present (Akismet – not yet activated).

    The theme is twentyseventeen default.

    After installing WordPress the first thing I wanted to do was set up BPS pro.

    I’m not sure what to do next to get it to work.

    Hope you can help.

    Cheers

    -Tina

    #34296

    AITpro Admin
    Keymaster

    What does this mean – “When I ftp into the website the config.php is showing the standard wordpress config.php file still, not the BPS pro one.”  Please explain in more specific details.

    #34298

    Tina Dubinsky
    Participant

    Yeah…. I was looking at the wrong file. Sorry.

    So, good news: the BPS .htaccess is all there!  And the web hosts have asked  me to send them the details for the php.ini file.

    So my next issue is that when I try to use the custom code instead of saving it, it goes to a page not found error. Could this be because of the php server defaults – which I am hoping to get fixed?

    When I first go to the custom code page the link is: /admin.php?page=bulletproof-security%2Fadmin%2Fcore%2Fcore.php#bps-tabs-7

    Then, when I hit save it tries to open: /admin.php?page=bulletproof-security/admin/core/core.php#bps-tabs-7    – and I get page can’t be found and the custom code page doesn’t save.

    #34301

    AITpro Admin
    Keymaster

    The Custom Code 404 error problem sounds like a common known Mod Security issue > https://forum.ait-pro.com/forums/topic/mod-security-common-known-problems/  Try logging into your web host control panel and disable Mod Security.

    #34306

    Tina Dubinsky
    Participant

    Hi

    Yes, they do have mod-security. It’s not available for me to alter myself.  My host has said “we can of course disable it for you if you want to or just whitelist the ModSecurity rules that your script is hitting. Just let us know the domain name where you’re seeing this error and what you want to do (disable it for the domain or just whitelist the rules that is blocking the plugin).”

    Do I tell them to disable completely or whitelist mod-security rules that the script is hitting? If the latter what would they be?

    I found this old post from 2013 which appears to be similar to my problem: https://forum.ait-pro.com/forums/topic/how-to-turn-off-mod-security-mod_security-secfilterengine-off/

    Cheers

    -Tina

    #34307

    AITpro Admin
    Keymaster

    It is better to edit or remove the Mod Security rules that are causing the problem.  Send your website domain name to your host so they can edit or remove the Mod Security rules that are causing the problem.

    #34323

    Tina Dubinsky
    Participant

    Thanks for your help with this issue.  One of the host’s IT staff did find the rules that were being triggered and stop them.  I’ve now hit a different one, but I think it may be related, so that’s why I’m continuing it here.

    I received a 403 twice when browsing WordPress Themes.  403 error message only appeared in my browser after contacting my website host about a possible conflict with ModSecurity rules.

    What I was doing :  Browsing WordPress Themes

    What happened: 403 triggered twice (only captured once in the logs)

    I asked them to look into any mod security rules being triggered and they responded: “our recent 403 error is actually from the “BPS WPADMIN” entries in your wp-admin/.htaccess file.
    It appears to block several URLs, including anything with “install” in it.
    I’ve gone ahead and disabled the .htaccess file by renaming it to .htaccess_ for you.”

    Now the 403 log shows this:

    HTTP_REFERER: https://sellmydamnbook.com/wp-admin/theme-install.php?search=woocomm
    REQUEST_URI: /wp-admin/theme-install.php?

    I’ve tried searching the forum for a whitelist solution but I haven’t found anything yet.

    Obviously, I now have files sitting in quarantine as well thanks to my host making changes….

    Cheers

    -Tina

    Ps I’m just totally confused at this point to be honest.  Never had so many problems trying to get a website up and running before. I thought the biggest problem with BPS would be the php.ini file but that was really easy.

    #34325

    AITpro Admin
    Keymaster

    Use FTP or your web host control panel file manager and delete the wp-admin htaccess file.  Are the Security Log entries still occurring or are they old Security Log entries?  Check the date/timestamp of any Security Log entries.

    #34331

    Tina Dubinsky
    Participant

    First I turned off autorestore…

    Then I deleted the wp-admin .htaccess file via FTP.

    Then, as it said the file was missing on my site, I re-ran the setup scripts.

    Not sure if that’s what you meant for me to do…

    Then, I went to: Themes|Add New|Search and typed in Storefront  (not even sure if this is the theme I want as I just want to browse right now)

    It found storefront but then refreshed everything.

    Had to search again for store front again and then that’s when I received a 403 error (again).

    This is what came up

    [403 GET Request: October 18, 2017 3:29 am]
    BPS Pro: 13.3.3
    WP: 4.8.2
    Event Code: WPADMIN-SBR
    Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
    REMOTE_ADDR: [my ip was here]
    Host Name: [my webhost for my internet connection was here]
    SERVER_PROTOCOL: HTTP/1.1
    HTTP_CLIENT_IP:
    HTTP_FORWARDED:
    HTTP_X_FORWARDED_FOR:
    HTTP_X_CLUSTER_CLIENT_IP:
    REQUEST_METHOD: GET
    HTTP_REFERER: https://sellmydamnbook.com/wp-admin/theme-install.php?search=storefront
    REQUEST_URI: /wp-admin/theme-install.php?
    QUERY_STRING:
    HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

    The time and date appear to be correct. It’s about 12 hours behind my real time, so I think it’s the server time?

    This is a new install so the log stamps aren’t old.
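
Added example, not part of the original posts and not AITpro's code: a small parser for Security Log entries in the format posted above, counting the blocks logged at or after a configuration change, which is the check behind the question of whether entries are old or still occurring. The function names, the sample entries (example.com) and the change time are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# Entry header as it appears in the log entry posted above.
HEADER = re.compile(r"^\[(\d{3}) (\w+) Request: (.+)\]$")

def parse_security_log(text):
    """Split Security Log text into one dict per entry."""
    entries, cur = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:
            cur = {"status": int(m.group(1)), "method": m.group(2),
                   "time": datetime.strptime(m.group(3), "%B %d, %Y %I:%M %p")}
            entries.append(cur)
        elif cur is not None and ":" in line:
            key, _, value = line.partition(":")  # first colon only, URLs stay whole
            cur[key.strip()] = value.strip()
    return entries

def blocks_since(entries, change_time):
    """Count blocks logged at or after change_time, per (event code, URI)."""
    recent = [e for e in entries if e["time"] >= change_time]
    return Counter((e.get("Event Code", ""), e.get("REQUEST_URI", "")) for e in recent)

# Constructed sample: two entries in the posted format, one before and one after a change.
SAMPLE = """\
[403 GET Request: October 17, 2017 2:05 pm]
Event Code: WPADMIN-SBR
REQUEST_METHOD: GET
HTTP_REFERER: https://example.com/wp-admin/theme-install.php?search=woocomm
REQUEST_URI: /wp-admin/theme-install.php?
QUERY_STRING:

[403 GET Request: October 18, 2017 3:29 am]
Event Code: WPADMIN-SBR
REQUEST_METHOD: GET
HTTP_REFERER: https://example.com/wp-admin/theme-install.php?search=storefront
REQUEST_URI: /wp-admin/theme-install.php?
QUERY_STRING:
"""

if __name__ == "__main__":
    changed = datetime(2017, 10, 18, 0, 0)  # assumed change time, in server time
    for (code, uri), n in blocks_since(parse_security_log(SAMPLE), changed).items():
        print(n, code, uri)
```

The change time has to be given in the same time zone the log uses (server time here), otherwise old entries can be counted as new.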

    #34332

    AITpro Admin
    Keymaster

    Ok now do BPS Pro Troubleshooting steps #1 and #2 > https://forum.ait-pro.com/forums/topic/read-me-first-pro/#bps-pro-general-troubleshooting and do this again > “Had to search again for store front again and then that’s when I received a 403 error (again).”  What exactly does “search again for store front” mean?  How are you doing a search? What are you using to do the search?

    #34334

    Tina Dubinsky
    Participant

    Hi.

    These are the steps that I followed.

    I did troubleshooting step one.

    Then I followed these steps

    1. Clicked on Appearance in the back end admin sidebar menu.
    2. Clicked on Themes.
    3. Clicked on Add New.
    4. Clicked inside the search themes search box.
    5. Typed the words “Storefront”

    Page refreshed and went to a 404 – Got an Oops! Page can’t be found result.

    Went back to the troubleshooting steps and did #2.

    Followed the same 5 steps above. At step 5, this time I typed in “Storefront woocommerce” and a list of themes (with Storefront woocommerce) appeared.

    No Error messages.  Link to screencapture showing where I entered the words Storefront into the theme search box.

    Now, I only added custom code into the root folder. So I’m not sure how removing this custom code will be the solution since it appears the wp admin .htaccess is causing this issue?

    However, I’m going to go do the next step in Custom Code Note where it says to remove the custom code (I’ve only entered the custom code recommended by BPS) and will let you know how I go. (About to get a child to bed so the next steps may not happen for some hours.)

    #34335

    Tina Dubinsky
    Participant

    So, I cleared all the custom code from both the root folder and the wp-admin folder, even the custom code that was pre-entered (cut and pasted it into a textpad file noting the text box # it came from).

    I tried to then activate both, and while the front end activated fine the back end kept telling me it was activated.

    So, I reentered the pre-typed custom code text that was already in the wp-admin custom code under text box #4 that begins with the following:

    # BEGIN BPSQSE-check BPS QUERY STRING EXPLOITS AND FILTERS
    # WORDPRESS WILL BREAK IF ALL THE BPSQSE FILTERS ARE DELETED
    # Use BPS wp-admin Custom Code to modify/edit/change this code and to save it permanently.

    I clicked on the wp-admin Folder BulletProof activation.

    Then, I broke the back end. 🙂

    I suppose my next step will be to ftp back into my site and delete the .htaccess file in the admin section.

    #34337

    AITpro Admin
    Keymaster

    Yep, you need to delete the wp-admin htaccess file so that your backend is working correctly again.  Delete the custom code that you added in the wp-admin Custom Code text box, save your changes and then reactivate wp-admin BulletProof Mode.  I tested the steps you did and did not see the same problem on this forum site or another test site.  What is very odd is that typing “storefront” in the Theme search text box should not trigger any BPS security rules in the wp-admin htaccess file.  At this point send me a WordPress Administrator login to this site so I can login and try to figure out the problem.  I have a feeling that Mod Security is still involved in this equation somehow.

    #34347

    Tina Dubinsky
    Participant

    Before responding to your post, I chose to finish rebuilding the root .htaccess with the custom code (one custom snippet at a time), activating and then testing the themes search box to see if the error occurred. I also re-added the custom code for the admin .htaccess.

    Good news, the error appears to have gone.

    I haven’t changed, added or deleted any of the custom code but it seems to be working now. I’ve tested it a few times (though I still haven’t tried to install a theme, just searched, browsed and previewed). If it happens again, I’ll send you the login details.  And, it wasn’t just typing the words storefront that triggered it. Typing any words into the search box triggered the error.

    I have a different website (an addon domain on the same server) that has a small problem which I’ll post about in a new thread. Please move it to this thread if you think it’s relevant or related.

    #34360

    Tina Dubinsky
    Participant

    And it’s back. Emailing you my admin details.
