Random General Questions

Viewing 15 posts - 106 through 120 (of 350 total)
  • #25947
    AITpro Admin
    Keymaster

    Ah, now I get what you are asking.  Maybe this will do the trick – when you run the BPS Pro Setup Wizard, AutoRestore|Quarantine is completely set up.  If you want to do additional/extra things then you would use the additional/extra tools provided in AutoRestore.  So if you have additional/extra folders and files that you want to monitor and protect then you would use these additional tools, otherwise you would not use any of these additional/extra tools.

    Yes, the correct usage applies to all folders and files if you are doing anything manually.

    #25948
    Living Miracles
    Participant

    Ok, feels like we’re getting closer to understanding this. We’re imagining the usual things- uploading a PDF/HTML/TXT file, uploading an image folder, uploading an audio/video file, etc. For all of these examples, it sounds like we would just use the “Correct Usage” steps.

    Could you just give us one example of an “additional/extra folder or file that we might want to monitor and protect” in a scenario where the “Correct Usage” steps wouldn’t apply?

    #25949
    AITpro Admin
    Keymaster

    Yes that is correct.

    I will use one of the examples from the Read Me help text on the Add|Exclude Other Folders & Files page.  If you had a folder named  “orange” and you want to monitor and protect all files in the “orange” folder then you would use the Add Folders & Files tool to add this non-WordPress folder and non-WordPress files to be monitored by ARQ.

    Add Top Level Folder option
    This tool is ONLY for adding static files or static files that are dynamically updated – See NOTE above. Best Recommend use is to select the Add Top Level Folder option to add an entire non-WordPress folder to backup and to be checked by the ARQ Cron. Example: You have a Top Level non-WordPress Folder named orange. The folder path is /xxxxx/xxxxx/orange. You would select the Add Top Level Folder option and then enter the folder path to this folder /xxxxx/xxxxx/orange in the Enter an Add Folder or File Path text box and click the Add button. Additional Add options are Add a Specific Folder and Add An Individual File.

    #25960
    Living Miracles
    Participant

    We just uploaded a test text file to our Root Website folder using the “Correct Usage” steps. According to the definition above, this test file would be considered a non-WordPress file. Everything worked perfectly and the file is now protected by ARQ without having needed to use the “Add Folders & Files” tool.

    So, this makes us think that perhaps the “Add Folders & Files” tool actually applies specifically to non-WordPress “Folders WITH Files” (as opposed to “Folders & Files”). This theory seems to correspond to the example you cited. Can you confirm whether or not this is correct?

    #25961
    AITpro Admin
    Keymaster

    Nope none of what you stated is correct.  I have no idea how to explain this any differently or any clearer to you. 😉  So just let files be quarantined and restore them from quarantine when that happens.  Just a different approach.  Completely forget about the Add Folders & Files tool.  Maybe 1 in 1,000 people might use those tools so just ignore them.

    #25962
    Living Miracles
    Participant

    Ok haha, well thank you for confirming the other approach (“just let files be quarantined and restore them from quarantine when that happens”) as this seems somewhat more secure (i.e. we never are in a position where the ARQ is completely turned off), so we are happy to use that approach.

    Perhaps we could look at another example which feels quite crucial to us at this moment. Our website was hacked earlier this month and so we’re wanting to be very thorough with our understanding of the functionality of BPS Pro in order to make sure we’re using it correctly so that we’re maximizing its potential.

    We just uploaded a test folder (with 2 files in it) into the wp-content/ directory while leaving the ARQ Cron turned ON. We expected that the folder would get quarantined. However, nothing happened and the folder was fully accepted by the site. This concerns us because obviously if a hacker happened to gain FTP access to our site, they could easily upload a folder without us knowing about it.

    We also tried uploading a different folder into the root directory as well as uploading an individual file into the wp-content/ directory. None of these tests triggered the Quarantine. Just to be sure everything was still on, we repeated our test of adding an individual file into the root directory, and that did trigger the Quarantine.

    Ideally, we want everything on our site to be protected by ARQ. Do these tests make sense to you and what would you recommend as the easiest way that we make sure everything is fully protected?

    #25963
    AITpro Admin
    Keymaster

    Yes, the test files should have been quarantined and a mirror test folder should have been created in quarantine.  The only logical explanation I can think of why the files were not quarantined is there is some kind of folder permission or Ownership problem occurring.  Is the Owner of the folders you uploaded the same Owner as the wp-content folder?  What are the folder permissions?  Have you set up anything restrictive on your server that deals with permissions or Ownership?  If you have no idea what I am talking about then I will need both an FTP login to this website and a WordPress Administrator login to this site to check all of these things.  If you opt for me to login then you can send the FTP and WordPress Admin login info to info at ait-pro dot com.

    #25964
    Living Miracles
    Participant

    Ah, interesting. Yes, the Owner is the same as the wp-content folder Owner. The folder permissions are 705. We haven’t personally set up anything restrictive, though this site is a GoDaddy Managed WordPress site, so we are aware that there are certain restrictions inherent in that hosting environment.

    We will gladly share the access info with you if needed.

    #25965
    AITpro Admin
    Keymaster

    Go Daddy Managed WordPress hosting is a completely different animal so that changes everything:  http://forum.ait-pro.com/forums/topic/gdmw/  They used to allow you to add anything you wanted under the /wp-content/ folder so maybe that is no longer allowed?  You are restricted in the website root folder and are only allowed to edit the following files so I am not sure how you were even able to upload a file to the root folder?  Since you have GDMW hosting then contact GDMW support and ask them if you are still allowed to create folders under the /wp-content/ folder.

    This feature means you can only edit the following directories and files on Managed WordPress accounts:
    /wp-content
    wp-config.php
    .htaccess
    favicon.ico
    You can also edit any directories or files you upload yourself, such as a php.ini file.

    #25967
    AITpro Admin
    Keymaster

    Weird, the last GDMW help statement completely contradicts the first help statement.  So get them to clear that up for you and let me know which is true.

    #25969
    Living Miracles
    Participant

    We spoke to GoDaddy and they confirmed that we can still add/upload anything we want under the wp-content and root folders. All WordPress core files (wp-admin folder, wp-includes folder, and all files in the root directory except for the .htaccess, robots.txt, and wp-config.php) are read-only and are locked down by GoDaddy changing ownership to “root” on those files. Also GoDaddy told us that all core files are set to Linux default permissions (folders are 705, files are 604). GoDaddy sets all its “Group” permissions to zero.

    We were told by GoDaddy that the BPS Pro plugin shouldn’t have any issue accessing the root and wp-content folders when applying ARQ rules.

    We can confirm that we have no problem uploading anything (files, folders) to the wp-content folder. The issue we’re having is that we are able to upload, via SFTP, files and folders into the wp-content folder without ARQ getting triggered and moving those folders and files into Quarantine; the same goes for folders that we upload via SFTP into our website root folder – ARQ only gets triggered when we upload single files into the root folder.

    So, we just want to be really clear: When using SFTP/FTP to upload files or folders into either our website root folder or the wp-content folder, with the ARQ Cron running, ARQ should be catching those files and folders and place them into Quarantine, correct?

    Your response from earlier seems to indicate this:
    “Yes the test files should have been quarantined and a mirror test folder should have been created in quarantine.”

    If this is all correct, we want to know why ARQ is not behaving as expected.

    Again, we are happy to provide login/SFTP information if needed.
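The ownership and permission questions raised in the posts above can be checked directly on the server. The script below is an added example, not part of the original thread and not BPS Pro code: it walks a folder such as wp-content and reports entries whose owner differs from the folder's owner or whose mode differs from the 705/604 values quoted above. The function names and the sample tree are constructed for illustration.

```python
import os
import stat
import sys
import tempfile

# Modes quoted in this thread: folders 705, files 604.
DIR_MODE, FILE_MODE = 0o705, 0o604


def audit_tree(root, expected_uid=None, dir_mode=DIR_MODE, file_mode=FILE_MODE):
    """Return (path, problem) tuples for entries under root whose owner differs
    from root's owner (or expected_uid) or whose mode is not the expected one."""
    if expected_uid is None:
        expected_uid = os.lstat(root).st_uid
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in sorted(dirnames + filenames):
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: report symlinks, never follow them
            rel = os.path.relpath(path, root)
            if stat.S_ISLNK(st.st_mode):
                findings.append((rel, "symlink"))
                continue
            if st.st_uid != expected_uid:
                findings.append((rel, f"owner uid {st.st_uid} != {expected_uid}"))
            want = dir_mode if stat.S_ISDIR(st.st_mode) else file_mode
            got = stat.S_IMODE(st.st_mode)
            if got != want:
                findings.append((rel, f"mode {got:03o} != {want:03o}"))
    return findings


def build_sample_tree(base):
    """Constructed sample: one folder and two files, one with a wrong mode."""
    folder = os.path.join(base, "test-folder")
    os.mkdir(folder)
    for name, mode in (("a.txt", 0o604), ("b.txt", 0o600)):
        path = os.path.join(folder, name)
        with open(path, "w") as fh:
            fh.write("constructed test file\n")
        os.chmod(path, mode)
    os.chmod(folder, 0o705)
    return base


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else build_sample_tree(tempfile.mkdtemp())
    for rel, problem in audit_tree(target):
        print(f"{rel}: {problem}")
```

Run it with the path to wp-content as the only argument; with no argument it audits the constructed sample tree.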

    #25970
    AITpro Admin
    Keymaster

    Yes, correct the files should be quarantined.  So from all the GDMW help info you got, everything should probably be working normally.  So send me the FTP and WP Admin login info to this site and I will see if I can figure out why things are not working like they should be.

    #26621
    carsafety
    Participant

    Edit: I created this in a new topic, not sure why it appended to this topic sorry.

    In WordPress, I changed a permalink for a Page.  It was /xxxx-title-of-page/ and I changed it to /yyyy-title-of-page/

    In the past, this automatically redirected the requests for the old URL to the new one, but it didn’t work this time.  The old one now results in a 404 not found error and it’s one of our top pages.

    I went to cpanel to enter a 301 permanent redirect, but that didn’t work either, even though I could see the code appended to the bottom of the .htaccess file.

    I grabbed the code and copied it to the CUSTOM CODE BOTTOM part of BPS Pro, then saved and clicked the activate buttons etc.  The code shows in both secure and current root htaccess file within BPS Pro.  But it’s still not redirecting.

    I contacted my hosting support, but in case they can’t figure it out, do you have any suggestions?  I’m guessing it’s related to BPS Pro but not sure.

    #26624
    AITpro Admin
    Keymaster

    Edit response:  Your topic was intentionally moved to this general topic.  If it turns out that this problem is caused by BPS Pro and a new forum topic needs to be created from this general question then your topic will be split into a new topic.  This method keeps the forum well organized and maintains good forum searchability.

    Changing the URL|URI for a Post or Page should automatically rewrite to the new URL|URI without you having to do anything else.  This does not sound like a problem that is caused by BPS Pro, but that is possible.  Do these BPS Pro troubleshooting steps to confirm or eliminate that BPS Pro is causing the problem.

    http://forum.ait-pro.com/forums/topic/read-me-first-pro/#bps-pro-general-troubleshooting

    2. On the Security Modes page, click the Root Folder BulletProof Mode Deactivate button. See Custom Code Note.
    3. On the Security Modes page, click the wp-admin Folder BulletProof Mode Deactivate button. See Custom Code Note.
    4. On the Security Modes page, click the Plugin Firewall BulletProof Mode Deactivate button.
    5. On the Security Modes page, click the UAEG BulletProof Mode Deactivate button.

    #26631
    carsafety
    Participant

    Thanks- so far hosting hasn’t been able to fix it but I’ll wait to hear from them again until I start disabling modules and making changes.

    I did notice that ARQ had somehow been re-enabled.  I had it disabled since it’s messed me up a number of times before I realized what was happening.  Perhaps it defaulted in one of the last version updates I’m not sure.  I turned that off, but don’t know if it was related yet.

    Like I said, it used to auto-redirect just changing the page or post permalink so not sure what happened.  I haven’t added any new plugins in quite some time but something must have conflicted, maybe it’s something on the server.
