Home › Forums › BulletProof Security Pro › PHP file download when accessing site
Tagged: ModSecurity
- This topic has 18 replies, 2 voices, and was last updated 5 years, 3 months ago by AITpro Admin.
-
AuthorPosts
-
AITpro AdminKeymaster
I didn’t receive your last forum reply email. Sometimes that happens. Probably got blocked/rejected by Spam Assassin on our host server. I assume the new Custom Code Encryption feature to evade/bypass ModSecurity CRS worked fine to allow you to save your custom htaccess code then. Great!
AbZu2ParticipantThe new Custom Code Encryption feature in version 14.1 to evade/bypass ModSecurity CRS worked perfectly.
Kudos on your eternal refinements to a great plugin.AbZu2ParticipantInvestigating the cause of my crashed site, it seems that in the implementation of a new cPanel template by BlueHost, they for whatever reason updated the PHP version to the latest. This caused a conflict with the PHP handler info in .htaccess and thus my site crashed. Reverting to 7.0 fixed the problem. Further fixes are detailed in this thread.
AITpro AdminKeymasterThanks for confirming the new Custom Code Encryption feature successfully evades/bypasses ModSecurity CRS on BlueHost hosting. We tested the new Custom Code Encryption|Decryption feature on several different web host testing accounts, but do not have a BlueHost test hosting account to test with.
If you would like to safely/smoothly upgrade/switch to PHP 7.2.7 do the steps below:
1. Turn Off BPS Pro AutoRestore|Quarantine.
2. Unlock your root htaccess file on the BPS Pro > B-Core > htaccess File Editor page > click the Unlock htaccess File button. Note: If your web host adds php/php.ini htaccess code in your root htaccess file when you switch php server versions then unlocking your root htaccess file allows your web host to add php handler htaccess code to the very top of your root htaccess file.
3. Login to your web host control panel and switch your php version to the php version you would like to use.
4. Go back to the BPS Pro > B-Core > htaccess File Editor page > click the Your Current Root htaccess File tab > copy the new php handler htaccess code added at the very top of your root htaccess file. Note: If your web host does not use php handler htaccess code then you will not see any new php handler htaccess code at the top of your root htaccess file – skip steps 5, 6, 7 and 8 and do steps 9 and 10.
5. Go to the Custom Code tab page > click the Root htaccess File Custom Code accordion tab/button.
6. Paste your new php handler htaccess code in this BPS Root Custom Code text box: 1. CUSTOM CODE TOP PHP/PHP.INI HANDLER/CACHE CODE. Important Note: delete/cut/overwrite any older php handler htaccess code that you see in this Custom Code text box.
7. Click the Save Root Custom Code button. Note: If your web host has ModSecurity CRS installed and you are unable to save your Custom Code then click the Encrypt Custom Code button first and then click the Save Root Custom Code button.
8. Go to the Security Modes tab page > click the Root Folder BulletProof Mode Activate button.
9. Go to the htaccess File Editor tab page > click the Lock htaccess File button.
10. Turn AutoRestore|Quarantine back On. -
AuthorPosts
- You must be logged in to reply to this topic.